baltuska.com Open in urlscan Pro
50.62.90.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://baltuska.com/
Effective URL:
https://baltuska.com/
Submission Tags: falconsandbox
Submission: On September 22 via api (September 22nd 2022, 7:18:21 pm UTC) from US — Scanned from DE

Summary HTTP 93 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 93 HTTP transactions. The main IP is 50.62.90.29, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is baltuska.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 1st 2022. Valid for: a year.

This is the only time baltuska.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	50.62.90.29 50.62.90.29	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
44	2a02:fe80:101... 2a02:fe80:1010::16	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:400d:805::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.101.139 143.204.101.139	16509 (AMAZON-02) (AMAZON-02)
1	45.60.14.54 45.60.14.54	19551 (INCAPSULA) (INCAPSULA)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	44.236.239.241 44.236.239.241	16509 (AMAZON-02) (AMAZON-02)
4	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	52.222.206.118 52.222.206.118	16509 (AMAZON-02) (AMAZON-02)
2	52.11.214.47 52.11.214.47	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
93	19

3 50.62.90.29 (United States) 1 redirects

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 29.90.62.50.host.secureserver.net

baltuska.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a02:fe80:1010::16 (United States)

ASN30148 (SUCURI-SEC, US)

secureservercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-139.fra50.r.cloudfront.net

d3gxy7nm8y4yjr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.14.54 (United States)

ASN19551 (INCAPSULA, US)

shield.sitelock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.236.239.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-239-241.us-west-2.compute.amazonaws.com

app.acuityscheduling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

cdn-marketing.acuityscheduling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-s.acuityscheduling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-118.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.11.214.47 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-214-47.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	secureservercdn.net secureservercdn.net — Cisco Umbrella Rank: 16173	15 MB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	799 KB
7	acuityscheduling.com app.acuityscheduling.com — Cisco Umbrella Rank: 68814 cdn-marketing.acuityscheduling.com — Cisco Umbrella Rank: 47212 cdn-s.acuityscheduling.com — Cisco Umbrella Rank: 69148	209 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 jnn-pa.googleapis.com — Cisco Umbrella Rank: 273	33 KB
4	gstatic.com fonts.gstatic.com	85 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	39 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 340	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	489 B
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2561 api.amplitude.com — Cisco Umbrella Rank: 1363	24 KB
3	baltuska.com 1 redirects baltuska.com	296 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
1	sitelock.com shield.sitelock.com — Cisco Umbrella Rank: 66529	668 B
1	cloudfront.net d3gxy7nm8y4yjr.cloudfront.net	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	42 KB
0	thomaskepka.com Failed kellybaltuska.thomaskepka.com Failed
93	15

	Domain	Requested by
44	secureservercdn.net	baltuska.com
10	www.youtube.com	secureservercdn.net www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	www.google-analytics.com	baltuska.com www.google-analytics.com app.acuityscheduling.com
3	www.facebook.com	app.acuityscheduling.com baltuska.com
3	cdn-marketing.acuityscheduling.com	app.acuityscheduling.com
3	app.acuityscheduling.com	baltuska.com app.acuityscheduling.com
3	fonts.googleapis.com	baltuska.com app.acuityscheduling.com cdn-marketing.acuityscheduling.com
3	baltuska.com	1 redirects secureservercdn.net
2	googleads.g.doubleclick.net	1 redirects baltuska.com
2	api.amplitude.com	cdn.amplitude.com
2	connect.facebook.net	app.acuityscheduling.com connect.facebook.net
1	static.doubleclick.net	www.youtube.com
1	cdn.amplitude.com	app.acuityscheduling.com
1	cdn-s.acuityscheduling.com	app.acuityscheduling.com
1	shield.sitelock.com	baltuska.com
1	d3gxy7nm8y4yjr.cloudfront.net	baltuska.com
1	www.googletagmanager.com	baltuska.com
0	kellybaltuska.thomaskepka.com Failed	baltuska.com
93	20

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
plus.google.com
www.youtube.com
www.yelp.com
baltuskachiropractic.acuityscheduling.com
priorityfittraining.com
www.meetup.com

Subject Issuer	Validity	Valid
baltuska.com Go Daddy Secure Certificate Authority - G2	`2022-09-01` - `2023-10-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
secureservercdn.net Starfield Secure Certificate Authority - G2	`2022-05-27` - `2023-05-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.sitelock.com Sectigo RSA Organization Validation Secure Server CA	`2022-02-09` - `2023-02-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
acuityscheduling.com Amazon	`2022-07-16` - `2023-08-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-02` - `2022-09-30`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://baltuska.com/
Frame ID: 1795C4601AABAEA2E18572E1E301821B
Requests: 58 HTTP requests in this frame

Frame: https://app.acuityscheduling.com/schedule.php?owner=11577778
Frame ID: 3914209CD9CFC9DE936F6CC5280793FC
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1
Frame ID: 59DF0FC282495B64F7AC9933C7F22EE4
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dr. Kelly Baltuska | Lenexa, Kansas Chiropractor

Page URL History Show full URLs

http://baltuska.com/ HTTP 301
https://baltuska.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

93
Requests

97 %
HTTPS

61 %
IPv6

15
Domains

20
Subdomains

19
IPs

4
Countries

16623 kB
Transfer

20676 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/@KellyBaltuskaDC
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/baltuskachiropractic
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/kelly-baltuska-dc-430b7761
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://plus.google.com/+KellyBaltuskaDC/
Title: Gplus

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC9Zj8MzpCXIrHmkV72giBrw
Title: Youtube

Search URL Search Domain Scan URL

URL: http://www.yelp.com/biz/baltuska-chiropractic-lenexa
Title: Yelp

Search URL Search Domain Scan URL

URL: https://baltuskachiropractic.acuityscheduling.com/schedule.php

Search URL Search Domain Scan URL

URL: http://priorityfittraining.com/
Title: Priority Fitness

Search URL Search Domain Scan URL

URL: https://www.meetup.com/Be-Fit-For-Life-Johnson-County/
Title: https://www.meetup.com/Be-Fit-For-Life-Johnson-County/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://baltuska.com/ HTTP 301
https://baltuska.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

93 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
baltuska.com/
Redirect Chain

http://baltuska.com/
https://baltuska.com/

68 KB
15 KB

798ms
484ms

Document
text/html

50.62.90.29
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://baltuska.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.62.90.29 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

29.90.62.50.host.secureserver.net

Software

openresty /

Resource Hash

6aadff1b1a8f18d2336035d3c87f73104461aa265a35755f1279bec1e92c90d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 19:18:11 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: openresty
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-pingback: https://baltuska.com/xmlrpc.php
x-xss-protection: 1; mode=block

Redirect headers

Age: 86053
Content-Encoding: gzip
Content-Length: 189
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 21 Sep 2022 19:23:57 GMT
Location: https://baltuska.com/
Vary: User-Agent, Accept-Encoding
X-Backend: local
X-Cache: cached
X-Cache-Hit: HIT
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Php-Version: 7.4
X-Xss-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 63ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0690262903337c5392e015553dd03594040f0c86bfe53f1a3200f619d9e6d499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 17:27:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 19:18:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 19:18:11 GMT

GET
H2 200 style.min.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 629ms
578ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "15b64-5e87c63cb8977-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 11681
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:11 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 635ms
585ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "a50-5cd1b0d081d80-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 932
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Sep 2021 04:49:10 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 grid.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/ 9 KB
3 KB 640ms
589ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/grid.css?ver=2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9e3f45179711015aa2dcac0689784ad76fd2055a3b13da58a88a1590057b719

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
vary: Accept-Encoding
content-length: 2054
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:28:21 GMT
server: nginx
x-php-version: 7.4
etag: "2368-5b0ed4b52ab40-gzip"
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 base.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/ 13 KB
4 KB 645ms
595ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/base.css?ver=2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f71f3cef7c1ddf2365f5c3b37ddd8028b657259eb8117b6b5d0cea670736046a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "34e5-5b0ed645b5c40-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 3996
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:35:21 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 layout.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/ 108 KB
22 KB 775ms
726ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/layout.css?ver=2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

87b084b095beac78b4a447b97be335a557ab402b83932463ed88bba115f68fef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "1b1e8-5b0ed89408d00-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 21559
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:45:40 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:12 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shortcodes.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/ 181 KB
33 KB 969ms
919ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/shortcodes.css?ver=2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

8387fd90194712121204b88354859e02d81b20dc73daec0d4e18347493e4cfad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "2d393-5b0ed5072ecc0-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 32725
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:29:47 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:12 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific-popup.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/aviapopup/ 7 KB
2 KB 636ms
587ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/aviapopup/magnific-popup.css?ver=1&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

89fa5089c37a32c5be8938c9ab9fb7aad4345b2c7cc4dcd1055e07cf8c9f0581

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "1dd8-5b0ed85ad0600-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 1914
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:44:40 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelementplayer.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/mediaelement/skin-1/ 18 KB
4 KB 637ms
588ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/mediaelement/skin-1/mediaelementplayer.css?ver=1&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

611969fcccd89efd6c58a4e957ed5811d4f48efe3c1c1f04bcdafb8d04adfa91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "4747-5b0ed61512980-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 3274
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:34:30 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 enfold_child.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/dynamic_avia/ 149 KB
18 KB 776ms
727ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/dynamic_avia/enfold_child.css?ver=590f136e25adc&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

35e3e5fb2c894be03afe3b7b3f511bb97e7a260e79df4370b17ea84553b455a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "253cd-5b0ed694dd700-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 17952
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:36:44 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:12 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/ 707 B
853 B 641ms
592ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/custom.css?ver=2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb04c84b625847684f6b428b2acc5772b549e12d18acf8ca9b6a356cdb661fbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "2c3-5b0ed7b6c8300-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 325
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:41:48 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold-child/ 466 B
851 B 640ms
591ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold-child/style.css?ver=2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

2fa93e53e6fc5077724afde41cf2dab36ba043d10971b2ac84d1cf81b99dc214

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "1d2-5b0ed4ea92940-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 324
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:29:17 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-meetup.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/plugins/wp-meetup/assets/css/ 4 KB
2 KB 642ms
593ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/plugins/wp-meetup/assets/css/wp-meetup.css?ver=6.0.2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

ca6924edcc978a1f1d890c47841b15567a147e7545f4f030bc7e91e967c9ea50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "103f-5b0ed4ca25cc0-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 1017
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:28:43 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/jquery/ 87 KB
31 KB 1973ms
1924ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "15db1-5e87c63d67a41;5b0032e13e700
x-cacheable: YES
x-backend: local
age: 192694
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 30908
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:12 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:13 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/jquery/ 11 KB
5 KB 639ms
590ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "2bd8-5e87c63d65719-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 4169
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:12 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avia-compat.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/ 2 KB
1 KB 642ms
594ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/avia-compat.js?ver=2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

efdd464e865bd091ac6944b9d999124c8e19fa28a23f25f55651bbdea9a4bda9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "83a-5b0ed571fe8c0-gzip"
x-cacheable: YES
x-backend: local
age: 192693
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 960
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:31:39 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:11 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 144ms
60ms Script
application/javascript 2a00:1450:400d:805::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-42182549-2

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94218bd3e3664c342fb55c172575379e975fcc9a561acbb92d217cb82388df5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42216
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Sep 2022 19:18:14 GMT

GET baltuska-300x234.png
kellybaltuska.thomaskepka.com/wp-content/uploads/2015/03/ 0
0

GET baltuska-white-300x234.png
kellybaltuska.thomaskepka.com/wp-content/uploads/2015/03/ 0
0

GET
H/1.1 200
OK embed.js Show response
d3gxy7nm8y4yjr.cloudfront.net/js/ 3 KB
2 KB 43ms
8ms Script
application/javascript 143.204.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3gxy7nm8y4yjr.cloudfront.net/js/embed.js

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-139.fra50.r.cloudfront.net

Software

Resource Hash

8bb14a1d2fe3ce3336ec654ac14022dda20b099b5c7527020f2edf15035a978d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 13:55:45 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
Age: 2179347
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1492
Last-Modified: Fri, 12 Aug 2022 20:09:56 GMT
ETag: "d82-5e610dda50d00-gzip"
Vary: Accept-Encoding
strict-transport-security: max-age=63072000; preload
Content-Type: application/javascript
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 9Nxo7S49wwuvb0e-L9rtlI8etygf7-aKp6PWMu8ExvlF_4Uu68CJqQ==
Expires: Tue, 27 Sep 2022 13:55:45 GMT

GET
H2 200 book-an-appointment.png
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2017/02/ 18 KB
18 KB 726ms
722ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2017/02/book-an-appointment.png?time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

4435cbc220751dffd991a7d04fdb4579061006dee117694aa62e73d9d490fed9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 18160
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:29:32 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "46f0-5b0ed4f8e0b00"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Dr-b-talks.png
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/ 15 KB
15 KB 726ms
723ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/Dr-b-talks.png?time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ffb8fdb70d99473d73302a5a6f19f4cb87b2dbb758d3570b97f56ad85658549

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 14944
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:35:24 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "3a60-5b0ed64892300"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Fit_For_Life_Sign-1500x630.png
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/ 2 MB
2 MB 729ms
726ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/Fit_For_Life_Sign-1500x630.png

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9ca9969d913aa1fc3ffb05fabaf7e518156cba4513e6a3e4bacf9d4ec4ab667

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 33640
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 2231002
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:27:51 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "220ada-5b0ed4988e7c0"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Woman_Ball_Throw-1500x630.png
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/ 2 MB
2 MB 738ms
735ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/Woman_Ball_Throw-1500x630.png

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cbb19aaaa83bf773932cca27f2d28ad5c1955c8849b0058aa3322c61d28a12d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 28551
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 1924446
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:30:42 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "1d5d5e-5b0ed53ba2880"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Chad_Hero_02-1500x630.png
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/ 2 MB
2 MB 732ms
729ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/Chad_Hero_02-1500x630.png

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5a7e73242618c5945a8c0f13208db2eeb11a31c1b9ef56c5e89cb3b68946379f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 28551
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 1824418
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:34:36 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "1bd6a2-5b0ed61acb700"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Getting_Water-1500x630.png
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/ 2 MB
2 MB 734ms
732ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/Getting_Water-1500x630.png

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

c5e1f7cf167914085489176916c2648ef9dac471bf55fa5a0532f9693fc2887b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 28551
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 2081396
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:44:09 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "1fc274-5b0ed83d40040"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Kelly_Mtn_Climbers-1500x630.png
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/ 2 MB
2 MB 738ms
736ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/Kelly_Mtn_Climbers-1500x630.png

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

923d29c91246aaa7e794fbe30d75489fd5fb093854e7d9f4e0554497b3d72156

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 28551
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 2449858
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:37:59 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "2561c2-5b0ed6dc63fc0"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Knees_Right_Logs-1500x630.png
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/ 2 MB
2 MB 724ms
722ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/Knees_Right_Logs-1500x630.png

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

7291efb5d3031ece312b4c76b34000f6085ea5b3cd66c11d1f720fe8e0006bea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 28551
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 2400115
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:30:39 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "249f73-5b0ed538c61c0"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Meal_Prep_05-1500x630.png
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/ 2 MB
2 MB 732ms
730ms Image
image/png 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2014/07/Meal_Prep_05-1500x630.png

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac8e97934aab5099b58398891b05fcb019bec9ed11c4659594784dfef7404088

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 33640
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 1943503
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:33:10 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "1da7cf-5b0ed5c8c7580"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK baltuska.com
shield.sitelock.com/shield/ 35 B
668 B 360ms
321ms Image
image/gif 45.60.14.54
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shield.sitelock.com/shield/baltuska.com
Requested by: Host: baltuska.com
URL: https://baltuska.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.54 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: lighttpd /
Resource Hash: b18c315b986e7bcf03bbfff949dd65345f4cbabeec5267ade74c354d73cf5e28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Iinfo: 8-5350509-5349867 2NNN RT(1663874293145 12) q(0 0 0 0) r(3 3) U18
Date: Thu, 22 Sep 2022 19:17:48 GMT
Server: lighttpd
Content-Length: 35
X-CDN: Imperva
Content-Type: image/gif; charset=ISO-8859-1

GET
H2 200 regenerator-runtime.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 580ms
580ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 192694
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
vary: Accept-Encoding
content-length: 2457
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:11 GMT
server: nginx
x-php-version: 7.4
etag: "194b-5e87c63d31af8;5b0032e13e700
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 583ms
582ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "4ac6-5e87c63d34208-gzip"
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 7095
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:11 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:13 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 576ms
576ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "32bb-5cd1b0d081d80-gzip"
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 4071
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Sep 2021 04:49:10 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:13 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avia.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/ 126 KB
35 KB 719ms
714ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/avia.js?ver=3&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

37c2d942edf25a9cd60511b0a5cd9462f99ba84b45a1241124d40d07ee58256a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "1f792-5b0ed5fc46f00-gzip"
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 34805
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:34:04 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shortcodes.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/ 152 KB
36 KB 583ms
577ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/shortcodes.js?ver=3&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

26f5da616807cb2ffcacc1120c37be38f15a44636033a3758cb78430e7f037cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "2618e-5b0ed50ddbc80-gzip"
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 36682
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:29:54 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:13 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/aviapopup/ 20 KB
8 KB 577ms
572ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/aviapopup/jquery.magnific-popup.min.js?ver=2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

4ef35581d56516af9c0a792f09316bda2494a5f497edf5de30e6ab74052bc380

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "51d3-5b0ed4a6dc980-gzip"
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 7594
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:28:06 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:13 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/mediaelement/ 154 KB
38 KB 720ms
715ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "267aa-5e87c63d787c9-gzip"
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 38657
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:12 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/mediaelement/ 1 KB
1 KB 582ms
578ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
vary: Accept-Encoding
content-length: 540
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:12 GMT
server: nginx
x-php-version: 7.4
etag: "4a7-5e87c63d760b9-gzip"
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-mediaelement.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/mediaelement/ 906 B
1013 B 576ms
571ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "38a-5e87c63d77829-gzip"
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 475
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:12 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:13 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment-reply.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/ 3 KB
2 KB 587ms
582ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/comment-reply.min.js?ver=6.0.2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "ba5-5e87c63d29df8-gzip"
x-cacheable: YES
x-backend: local
age: 192695
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 1351
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:11 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:13 GMT
vary: Accept-Encoding
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/ 18 KB
5 KB 584ms
582ms Script
application/javascript 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 192694
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
vary: Accept-Encoding
content-length: 5009
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 15:17:12 GMT
server: nginx
x-php-version: 7.4
etag: "48b9-5e87c63d7d9d2-gzip"
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 print.css
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/ 5 KB
2 KB 593ms
591ms Stylesheet
text/css 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/css/print.css?ver=1&time=1663681392

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

d5daa676d70996f49eb40dcf62fae0e28abeee0eb16539ef9a597855a28e09ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "12fa-5b0ed54eb5580-gzip"
x-cacheable: YES
x-backend: local
age: 192694
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-length: 1643
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:31:02 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:13 GMT
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 63ms
14ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 973
date: Thu, 22 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 22 Sep 2022 21:02:00 GMT

GET
H2 200 entypo-fontello.woff
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/ 30 KB
31 KB 734ms
718ms Font
font/woff 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baltuska.com/
Origin: https://baltuska.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 71579
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 30804
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:43:54 GMT
server: nginx
x-php-version: 7.4
x-cache-hit: HIT
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "7854-5b0ed82ef1e80"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 yelp.woff
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/avia_fonts/yelp/ 3 KB
3 KB 591ms
576ms Font
font/woff 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/avia_fonts/yelp/yelp.woff

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

2fb761f4bd7993acecb6ee5cca10c64984a1c8d40b1e9dad074c619d2e3dd35b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baltuska.com/
Origin: https://baltuska.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 71579
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 2980
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:42:17 GMT
server: nginx
x-php-version: 7.4
x-cache-hit: HIT
date: Thu, 22 Sep 2022 19:18:13 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "ba4-5b0ed7d270440"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 71ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://baltuska.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 260859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:50:34 GMT

GET
H2 200 schedule.php Show response
app.acuityscheduling.com/ Frame 3914 36 KB
10 KB 635ms
247ms Document
text/html 44.236.239.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.acuityscheduling.com/schedule.php?owner=11577778

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.239.241 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-239-241.us-west-2.compute.amazonaws.com

Software

Resource Hash

7852b811b6c3f30abdb51cca825cfde719dae82b86ae298bb7a903d909b6e0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltuska.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 9923
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 19:18:14 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="CAO PSA OUR"
pragma: no-cache
strict-transport-security: max-age=63072000; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff

GET
H2 200 phlebotomy-495x400.jpg
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2021/09/ 29 KB
30 KB 719ms
718ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2021/09/phlebotomy-495x400.jpg

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a7fb3d85c7672efc8a665a62fec4b473635704e308b6b15e49c58e3208f31b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 28550
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 29847
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Sep 2021 14:33:36 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "7497-5cb7cc475f000"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 meet-baltuska-cropped-2.jpg
baltuska.com/wp-content/uploads/2016/04/ 280 KB
280 KB 315ms
314ms Image
image/jpeg 50.62.90.29
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://baltuska.com/wp-content/uploads/2016/04/meet-baltuska-cropped-2.jpg

Requested by

Host: secureservercdn.net
URL: https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/dynamic_avia/enfold_child.css?ver=590f136e25adc&time=1663681392

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.62.90.29 , United States, ASN398101 (GO-DADDY-COM-LLC, US),

Reverse DNS

29.90.62.50.host.secureserver.net

Software

openresty /

Resource Hash

2d6423e4470cc72432055b4a5c721d55eefae5b71546c6a097d55b9039cb4d0e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secureservercdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 192694
x-cache: cached
x-cacheproxy-retries: 0/2
content-length: 286417
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Oct 2020 14:31:15 GMT
server: openresty
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
etag: "45ed1-5b0ed55b1b2c0"
accept-ranges: bytes

GET
H2 200 IRSauna-495x400.jpg
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2021/01/ 32 KB
32 KB 717ms
716ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2021/01/IRSauna-495x400.jpg

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

49b57d43420dfa11572eb6d00c6437c6a32a6d78494ecfbc14b00e5735bf09dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 64529
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 32591
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Jan 2021 20:38:39 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "7f4f-5b96f0e7af1c0"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_5765-495x400.jpg
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2020/12/ 37 KB
38 KB 718ms
717ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2020/12/IMG_5765-495x400.jpg

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

37dbf7347c3c1290576ef2f520da8e1361b9d1fa0d2a7982e56b371e24edd043

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 64529
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 37900
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Dec 2020 17:13:19 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "940c-5b60b2cf989c0"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 phlebotomy-36x36.jpg
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2021/09/ 993 B
1 KB 575ms
574ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2021/09/phlebotomy-36x36.jpg

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

a4d6c2295fae8ccf8a9085f9864645f119c1e55c1efcccfbfdb86239cad91e49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 20772
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 993
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Sep 2021 14:33:36 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "3e1-5cb7cc475f000"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IRSauna-36x36.jpg
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2021/01/ 4 KB
4 KB 579ms
578ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2021/01/IRSauna-36x36.jpg

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

576f088bbfc95b540cacc564ac0a918a40966f7c20b406a5e706f4b309e526d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 20772
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 3592
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Jan 2021 20:38:39 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "e08-5b96f0e7af1c0"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_5765-36x36.jpg
secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2020/12/ 1 KB
2 KB 573ms
572ms Image
image/jpeg 2a02:fe80:1010::16
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/uploads/2020/12/IMG_5765-36x36.jpg

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

7c90061df0a37de7b5d90599e0c83cf059dc888a52c9b2f30cec324943a1dd4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: local
age: 20771
x-cache: cached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 1370
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Dec 2020 17:13:19 GMT
server: nginx
x-php-version: 7.4
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15016
etag: "55a-5b60b2cf989c0"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 26ms
25ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1039404656&t=pageview&_s=1&dl=https%3A%2F%2Fbaltuska.com%2F&ul=en-us&de=UTF-8&dt=Dr.%20Kelly%20Baltuska%20%7C%20Lenexa%2C%20Kansas%20Chiropractor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1036768190&gjid=954255217&cid=1349684191.1663874294&tid=UA-42182549-1&_gid=1434481591.1663874294&_r=1&_slc=1&z=779218736

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltuska.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 19:18:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baltuska.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 24ms
24ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1039404656&t=pageview&_s=1&dl=https%3A%2F%2Fbaltuska.com%2F&ul=en-us&de=UTF-8&dt=Dr.%20Kelly%20Baltuska%20%7C%20Lenexa%2C%20Kansas%20Chiropractor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1514098362&gjid=696953520&cid=1349684191.1663874294&tid=UA-42182549-2&_gid=1434481591.1663874294&_r=1&gtm=2ou9l0&z=373015463

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://baltuska.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 19:18:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baltuska.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 schedule-weekly.css
cdn-marketing.acuityscheduling.com/built/csp/ Frame 3914 150 KB
31 KB 50ms
8ms Stylesheet
text/css 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-marketing.acuityscheduling.com/built/csp/schedule-weekly.css?v=aa258a

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

412d03b388bfb50e08fb23537f5cbd8880ce2799018588ecb8358d8bf3733957

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3745
x-cache: HIT
content-length: 31577
etag: "257f8-5e94752767cc0-gzip"
x-served-by: cache-fra19180-FRA
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 18:15:48 GMT
last-modified: Thu, 22 Sep 2022 17:23:39 GMT
x-timer: S1663874295.675967,VS0,VE0
date: Thu, 22 Sep 2022 19:18:14 GMT
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
via: 1.1 varnish
access-control-expose-headers: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2

GET
H3 200 css
fonts.googleapis.com/ Frame 3914 2 KB
564 B 59ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 18:59:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 19:18:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 19:18:14 GMT

GET
H2 200 logo11577778.jpeg
cdn-s.acuityscheduling.com/ Frame 3914 32 KB
33 KB 924ms
890ms Image
image/jpeg 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-s.acuityscheduling.com/logo11577778.jpeg?1473978362
Requested by: Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 299a8c8eac4c62bf1e094bdb614c03f00eb122dca7719223b8a3eac154bace43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: rQPfcaX8vDhLuhM1YNlk7lVDTG6weVH9
via: 1.1 varnish
etag: "edcd415f115736fcf9b07145a85c0670"
age: 0
x-cache: MISS
content-length: 33255
x-amz-id-2: a7RAdEjP17BBKCpS/lmJKw8wbF7J5pGXb0GZiROMIY6CsFLM1jsrAEYanxhNvzs3mpx7QEQ5SDQ=
x-served-by: cache-fra19180-FRA
last-modified: Mon, 22 Apr 2019 12:46:37 GMT
server: AmazonS3
x-timer: S1663874295.807115,VS0,VE882
date: Thu, 22 Sep 2022 19:18:15 GMT
vary: Accept-Encoding
x-amz-request-id: P7XDSYME9785NM12
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 0

GET
H2 200 powered-by-acuity.svg
app.acuityscheduling.com/img/brand/ Frame 3914 11 KB
5 KB 178ms
177ms Image
image/svg+xml 44.236.239.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.acuityscheduling.com/img/brand/powered-by-acuity.svg

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.239.241 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-239-241.us-west-2.compute.amazonaws.com

Software

Resource Hash

9037f054154f76cdefc17b43ab13af5b00c14a345fc06d3b8d485e8e0548b781

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.acuityscheduling.com/schedule.php?owner=11577778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 18:01:05 GMT
etag: "2a9a-5e947d855ba40-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; preload
accept-ranges: bytes
content-length: 4300
expires: Fri, 22 Sep 2023 19:18:14 GMT

GET
H2 200 squareWebPayments.js Show response
cdn-marketing.acuityscheduling.com/built/csp/ Frame 3914 8 KB
3 KB 16ms
14ms Script
application/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-marketing.acuityscheduling.com/built/csp/squareWebPayments.js?v=aa258a

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

33c9907fc97e30ad818ffd75d27905cfe21c87429a3b5312cbd7f726cc8949cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3745
x-cache: HIT
content-length: 2624
etag: "1e3d-5e94752767cc0-gzip"
x-served-by: cache-fra19180-FRA
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 18:15:49 GMT
last-modified: Thu, 22 Sep 2022 17:23:39 GMT
x-timer: S1663874295.710383,VS0,VE0
date: Thu, 22 Sep 2022 19:18:14 GMT
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
via: 1.1 varnish
access-control-expose-headers: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 16

GET
H2 200 schedule.all.js Show response
cdn-marketing.acuityscheduling.com/built/csp/ Frame 3914 450 KB
127 KB 8ms
8ms Script
application/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-marketing.acuityscheduling.com/built/csp/schedule.all.js?v=aa258a

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c919d2b82f8b74494c7ff6d3419db40cf9597339a8bc27da6e2502fef952118

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3745
x-cache: HIT
content-length: 129675
etag: "70686-5e9475285bf00-gzip"
x-served-by: cache-fra19180-FRA
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 18:15:49 GMT
last-modified: Thu, 22 Sep 2022 17:23:40 GMT
x-timer: S1663874295.767516,VS0,VE1
date: Thu, 22 Sep 2022 19:18:14 GMT
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
via: 1.1 varnish
access-control-expose-headers: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

GET
H3 200 css
fonts.googleapis.com/ Frame 3914 4 KB
651 B 26ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: cdn-marketing.acuityscheduling.com
URL: https://cdn-marketing.acuityscheduling.com/built/csp/schedule-weekly.css?v=aa258a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 18:23:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 19:18:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 19:18:14 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 72ms
34ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: secureservercdn.net
URL: https://secureservercdn.net/50.62.90.29/yvs.9f7.myftpupload.com/wp-content/themes/enfold/js/shortcodes.js?ver=3&time=1663681392

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12091a307d42a5b723f50d625cfe7fbd72d62902060f9bcf04f8ce2cd210dbe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 22 Sep 2022 19:18:14 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 3914 13 KB
13 KB 44ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.acuityscheduling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:24:40 GMT
x-content-type-options: nosniff
age: 183214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 16:24:40 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 3914 13 KB
13 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.acuityscheduling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 86002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 19:24:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 3914 101 KB
27 KB 59ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: YqHvwbZ92a8zG3zaDbyNm6QjBW0obVjHvo3e9Nd3guwU83mS+5LmIl8XbKdrWkG/DumyGllEtWMsHLUGkoUFiA==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 19:18:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3914 49 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 974
date: Thu, 22 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 22 Sep 2022 21:02:00 GMT

GET
H2 200 amplitude-8.9.0-min.gz.js Show response
cdn.amplitude.com/libs/ Frame 3914 70 KB
23 KB 61ms
9ms Script
application/javascript 52.222.206.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.9.0-min.gz.js
Requested by: Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8894b5d233bdc537122b63b9afabe2f14c048bf7651afdb18ee7f77baf26c0a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 01:33:34 GMT
content-encoding: gzip
age: 17430281
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23420
access-control-allow-origin: *
last-modified: Thu, 28 Oct 2021 05:43:01 GMT
server: AmazonS3
etag: "60777339090e25b5cb36d8ec78fa12bb"
x-amz-version-id: 6Kv17eP57wNJDplj6XU7us_bQ8yqU2Y_
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Qelv5VNpANtzZhh1dM5_28ezubuSvMsxrJpS1YmUJ_MjcrwPYO-7tw==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/64947e15/www-widgetapi.vflset/ 161 KB
52 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baltuska.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:17:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53539
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 19:17:24 GMT

POST
H2 200 / Show response
api.amplitude.com/ Frame 3914 7 B
205 B 183ms
183ms XHR
text/html 52.11.214.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.9.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.214.47 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-214-47.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 22 Sep 2022 19:18:15 GMT
trace-id: Root=1-632cb4f7-127980bf7a330f0d7e95db4c
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 575ms
179ms Preflight 52.11.214.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.214.47 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-214-47.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://app.acuityscheduling.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Thu, 22 Sep 2022 19:18:15 GMT
strict-transport-security: max-age=15768000

GET
H3 200 813774442813684 Show response
connect.facebook.net/signals/config/ Frame 3914 293 KB
84 KB 231ms
208ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/813774442813684?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e83ac0fe09feb2ab0b4d61f9df920d60e29849e4cf9d34a5f71a99636b2617ab

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: txCLX/vUltMNgKBZoVhwpMwfXUVZyjIrnTu4oO1Met8sDDRJa33HqTHHYsx2aQBvu/8ea5zXAanAc0lLoHRBUg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 19:18:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 eTrCc2hV5r8 Show response
www.youtube.com/embed/ Frame 59DF 41 KB
12 KB 82ms
81ms Document
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aae9fe889bd849a5557df49a25847acec9ba58b2dee1b1bd89a187d704f8cd5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://baltuska.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 22 Sep 2022 19:18:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/64947e15/ Frame 59DF 358 KB
49 KB 28ms
27ms Stylesheet
text/css 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331577f2dea34be78e04f38773004d3e39c3370628d5233108397358a621dc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49662
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:18 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/64947e15/www-embed-player.vflset/ Frame 59DF 309 KB
96 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97978
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:31 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/ Frame 59DF 2 MB
577 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcfcc890d38af598070d6334e94089f8884f4c5ebb4a400d1f4ac303b503c8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 591011
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:46 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/64947e15/fetch-polyfill.vflset/ Frame 59DF 9 KB
3 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 59DF 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 201610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 11:18:05 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 3914 44 B
297 B 43ms
12ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=813774442813684&ev=PageView&dl=https%3A%2F%2Fapp.acuityscheduling.com%2Fschedule.php%3Fowner%3D11577778&rl=https%3A%2F%2Fbaltuska.com%2F&if=true&ts=1663874295271&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&it=1663874294971&coo=false&rqm=GET

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 22 Sep 2022 19:18:15 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 3914 44 B
101 B 43ms
12ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=813774442813684&ev=InitiateCheckout&dl=https%3A%2F%2Fapp.acuityscheduling.com%2Fschedule.php%3Fowner%3D11577778&rl=https%3A%2F%2Fbaltuska.com%2F&if=true&ts=1663874295273&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&it=1663874294971&coo=false&rqm=GET

Requested by

Host: app.acuityscheduling.com
URL: https://app.acuityscheduling.com/schedule.php?owner=11577778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 22 Sep 2022 19:18:15 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 59DF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

50ms
21ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d96d4c4020f9e9428e9d2064909a1a937e7f17b4ef86dbd471c90c7874fad61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 22 Sep 2022 19:18:15 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 59DF 29 B
588 B 182ms
15ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:04:42 GMT
x-content-type-options: nosniff
age: 813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 19:19:42 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 59DF 67 KB
31 KB 121ms
59ms XHR
application/json+protobuf 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1f16bafa8532b70614de14b74a53449ae82a1324c0498f73b48004440600581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 22 Sep 2022 19:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 31246
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 59DF 0
19 B 25ms
25ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=Vg0c5l2XSB59ojM7&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24226335%2C24248385%2C24255165%2C24260441%2C24262732%2C24269369%2C24277988%2C24278545%2C24280303%2C24289901%2C39322399&cl=475666202&seq=1&event=streamingstats&docid=eTrCc2hV5r8&cbr=Chrome&cbrver=105.0.5195.125&c=WEB_EMBEDDED_PLAYER&cver=1.20220920.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1
X-YouTube-Client-Version: 1.20220920.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtJd3FEVUdmaHVMbyj36bKZBg%3D%3D
X-YouTube-Ad-Signals: dt=1663874295349&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2132%2C1852&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 19:18:15 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/ Frame 59DF 30 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516eadac5b177c303c3f7f4d4c67a5584125ec3050906d4707ccabc2a32bddfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9374
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:46 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 186ms
50ms Preflight
text/html 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 22 Sep 2022 19:18:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 schedule.php
app.acuityscheduling.com/ Frame 3914 0
456 B 198ms
198ms Image
text/html 44.236.239.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.acuityscheduling.com/schedule.php?action=gacid&gacid=1349684191.1663874294&PHPSESSID=grkkm0iitsdcd941k6um38ov2h

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.239.241 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-239-241.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.acuityscheduling.com/schedule.php?owner=11577778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 19:18:15 GMT
x-content-type-options: nosniff
vary: User-Agent
p3p: CP="CAO PSA OUR"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=63072000; preload
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 3914 44 B
91 B 24ms
10ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=813774442813684&ev=Microdata&dl=https%3A%2F%2Fapp.acuityscheduling.com%2Fschedule.php%3Fowner%3D11577778&rl=https%3A%2F%2Fbaltuska.com%2F&if=true&ts=1663874295788&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Schedule%20Appointment%20with%20Baltuska%20Chiropractic%22%2C%22meta%3Adescription%22%3A%22Schedule%20your%20appointment%20online%20%20Baltuska%20Chiropractic%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fapp.acuityscheduling.com%2Fschedule.php%3Fowner%3D11577778%22%2C%22og%3Atitle%22%3A%22Baltuska%20Chiropractic%22%2C%22og%3Adescription%22%3A%22Schedule%20your%20appointment%20online%20%20Baltuska%20Chiropractic%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn-s.acuityscheduling.com%2Flogo11577778.jpeg%3F1473978362%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=2&o=30&it=1663874294971&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: baltuska.com
URL: https://baltuska.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:18:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 22 Sep 2022 19:18:15 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 52ms
51ms Preflight
text/html 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 22 Sep 2022 19:18:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 59DF 90 B
134 B 56ms
55ms XHR
application/json+protobuf 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1726f2822f9c6372242dd5ee2a48fdc492409b887f9b91122279e9a90ba21945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 22 Sep 2022 19:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 110
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 59DF 28 B
54 B 29ms
28ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Goog-Request-Time: 1663874297581
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/eTrCc2hV5r8?iv_load_policy=3&showinfo=0&controls=0&color=white&autohide=1&version=3&loop=0&playlist=player_743_360979169_1255953546&wmode=opaque&rel=0&hd=1&videoid=eTrCc2hV5r8&autoplay=0&html5=1&enablejsapi=1&origin=https%3A%2F%2Fbaltuska.com&widgetid=1
X-YouTube-Client-Version: 1.20220920.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtJd3FEVUdmaHVMbyj36bKZBg%3D%3D
X-YouTube-Ad-Signals: dt=1663874295187&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2132%2C1852&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 22 Sep 2022 19:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 22 Sep 2022 19:18:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kellybaltuska.thomaskepka.com
URL: https://kellybaltuska.thomaskepka.com/wp-content/uploads/2015/03/baltuska-300x234.png

Domain: kellybaltuska.thomaskepka.com
URL: https://kellybaltuska.thomaskepka.com/wp-content/uploads/2015/03/baltuska-white-300x234.png

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
baltuska.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: pdp7t4lsb10o2kaodvtd1qtske
.baltuska.com/	1970-01-20 15:47:14	Name: _ga Value: GA1.2.1349684191.1663874294
.baltuska.com/	1970-01-20 06:12:40	Name: _gid Value: GA1.2.1434481591.1663874294
.baltuska.com/	1970-01-20 06:11:14	Name: _gat Value: 1
.baltuska.com/	1970-01-20 06:11:14	Name: _gat_gtag_UA_42182549_2 Value: 1
app.acuityscheduling.com/	1970-01-20 06:54:26	Name: PHPSESSID Value: grkkm0iitsdcd941k6um38ov2h
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 3rcZk9g0-zY
.youtube.com/	1970-01-20 10:30:26	Name: VISITOR_INFO1_LIVE Value: IwqDUGfhuLo

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kellybaltuska.thomaskepka.com/wp-content/uploads/2015/03/baltuska-300x234.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://kellybaltuska.thomaskepka.com/wp-content/uploads/2015/03/baltuska-white-300x234.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
app.acuityscheduling.com
baltuska.com
cdn-marketing.acuityscheduling.com
cdn-s.acuityscheduling.com
cdn.amplitude.com
connect.facebook.net
d3gxy7nm8y4yjr.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
kellybaltuska.thomaskepka.com
secureservercdn.net
shield.sitelock.com
static.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
kellybaltuska.thomaskepka.com
143.204.101.139
151.101.66.132
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2006
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:830::2002
2a00:1450:400d:805::2008
2a00:1450:400d:80c::200a
2a02:fe80:1010::16
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8083:face:b00c:0:25de
44.236.239.241
45.60.14.54
50.62.90.29
52.11.214.47
52.222.206.118
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0690262903337c5392e015553dd03594040f0c86bfe53f1a3200f619d9e6d499
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12091a307d42a5b723f50d625cfe7fbd72d62902060f9bcf04f8ce2cd210dbe8
1726f2822f9c6372242dd5ee2a48fdc492409b887f9b91122279e9a90ba21945
1d96d4c4020f9e9428e9d2064909a1a937e7f17b4ef86dbd471c90c7874fad61
26f5da616807cb2ffcacc1120c37be38f15a44636033a3758cb78430e7f037cd
299a8c8eac4c62bf1e094bdb614c03f00eb122dca7719223b8a3eac154bace43
2d6423e4470cc72432055b4a5c721d55eefae5b71546c6a097d55b9039cb4d0e
2fa93e53e6fc5077724afde41cf2dab36ba043d10971b2ac84d1cf81b99dc214
2fb761f4bd7993acecb6ee5cca10c64984a1c8d40b1e9dad074c619d2e3dd35b
2ffb8fdb70d99473d73302a5a6f19f4cb87b2dbb758d3570b97f56ad85658549
331577f2dea34be78e04f38773004d3e39c3370628d5233108397358a621dc51
33c9907fc97e30ad818ffd75d27905cfe21c87429a3b5312cbd7f726cc8949cc
35e3e5fb2c894be03afe3b7b3f511bb97e7a260e79df4370b17ea84553b455a1
37c2d942edf25a9cd60511b0a5cd9462f99ba84b45a1241124d40d07ee58256a
37dbf7347c3c1290576ef2f520da8e1361b9d1fa0d2a7982e56b371e24edd043
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
412d03b388bfb50e08fb23537f5cbd8880ce2799018588ecb8358d8bf3733957
41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f
4435cbc220751dffd991a7d04fdb4579061006dee117694aa62e73d9d490fed9
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49b57d43420dfa11572eb6d00c6437c6a32a6d78494ecfbc14b00e5735bf09dc
4ef35581d56516af9c0a792f09316bda2494a5f497edf5de30e6ab74052bc380
516eadac5b177c303c3f7f4d4c67a5584125ec3050906d4707ccabc2a32bddfc
576f088bbfc95b540cacc564ac0a918a40966f7c20b406a5e706f4b309e526d9
5a7e73242618c5945a8c0f13208db2eeb11a31c1b9ef56c5e89cb3b68946379f
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c919d2b82f8b74494c7ff6d3419db40cf9597339a8bc27da6e2502fef952118
5cbb19aaaa83bf773932cca27f2d28ad5c1955c8849b0058aa3322c61d28a12d
611969fcccd89efd6c58a4e957ed5811d4f48efe3c1c1f04bcdafb8d04adfa91
619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83
6aadff1b1a8f18d2336035d3c87f73104461aa265a35755f1279bec1e92c90d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
7291efb5d3031ece312b4c76b34000f6085ea5b3cd66c11d1f720fe8e0006bea
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee
7852b811b6c3f30abdb51cca825cfde719dae82b86ae298bb7a903d909b6e0b7
7c90061df0a37de7b5d90599e0c83cf059dc888a52c9b2f30cec324943a1dd4a
8387fd90194712121204b88354859e02d81b20dc73daec0d4e18347493e4cfad
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87b084b095beac78b4a447b97be335a557ab402b83932463ed88bba115f68fef
8894b5d233bdc537122b63b9afabe2f14c048bf7651afdb18ee7f77baf26c0a8
89fa5089c37a32c5be8938c9ab9fb7aad4345b2c7cc4dcd1055e07cf8c9f0581
8a7fb3d85c7672efc8a665a62fec4b473635704e308b6b15e49c58e3208f31b1
8bb14a1d2fe3ce3336ec654ac14022dda20b099b5c7527020f2edf15035a978d
9037f054154f76cdefc17b43ab13af5b00c14a345fc06d3b8d485e8e0548b781
923d29c91246aaa7e794fbe30d75489fd5fb093854e7d9f4e0554497b3d72156
94218bd3e3664c342fb55c172575379e975fcc9a561acbb92d217cb82388df5f
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4d6c2295fae8ccf8a9085f9864645f119c1e55c1efcccfbfdb86239cad91e49
aae9fe889bd849a5557df49a25847acec9ba58b2dee1b1bd89a187d704f8cd5e
ac8e97934aab5099b58398891b05fcb019bec9ed11c4659594784dfef7404088
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b18c315b986e7bcf03bbfff949dd65345f4cbabeec5267ade74c354d73cf5e28
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcfcc890d38af598070d6334e94089f8884f4c5ebb4a400d1f4ac303b503c8c8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c5e1f7cf167914085489176916c2648ef9dac471bf55fa5a0532f9693fc2887b
ca6924edcc978a1f1d890c47841b15567a147e7545f4f030bc7e91e967c9ea50
cb04c84b625847684f6b428b2acc5772b549e12d18acf8ca9b6a356cdb661fbc
d5daa676d70996f49eb40dcf62fae0e28abeee0eb16539ef9a597855a28e09ec
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9ca9969d913aa1fc3ffb05fabaf7e518156cba4513e6a3e4bacf9d4ec4ab667
d9e3f45179711015aa2dcac0689784ad76fd2055a3b13da58a88a1590057b719
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83ac0fe09feb2ab0b4d61f9df920d60e29849e4cf9d34a5f71a99636b2617ab
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efdd464e865bd091ac6944b9d999124c8e19fa28a23f25f55651bbdea9a4bda9
f1f16bafa8532b70614de14b74a53449ae82a1324c0498f73b48004440600581
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f71f3cef7c1ddf2365f5c3b37ddd8028b657259eb8117b6b5d0cea670736046a

baltuska.com Open in urlscan Pro 50.62.90.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

97 %HTTPS

61 %IPv6

15 Domains

20 Subdomains

19 IPs

4 Countries

16623 kBTransfer

20676 kBSize

8 Cookies

9 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

baltuska.com Open in urlscan Pro
50.62.90.29 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

97 %
HTTPS

61 %
IPv6

15
Domains

20
Subdomains

19
IPs

4
Countries

16623 kB
Transfer

20676 kB
Size

8
Cookies

93 HTTP transactions
0 data transactions