www.theflowerfields.com Open in urlscan Pro
172.99.120.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theflowerfields.com/
Effective URL:
https://www.theflowerfields.com/
Submission Tags: tranco_l324
Submission: On March 25 via api (March 25th 2024, 11:27:13 am UTC) from DE — Scanned from DE

Summary HTTP 39 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 39 HTTP transactions. The main IP is 172.99.120.135, located in United States and belongs to RMH-14, US. The main domain is www.theflowerfields.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 23rd 2023. Valid for: a year.

This is the only time www.theflowerfields.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	172.99.120.135 172.99.120.135	33070 (RMH-14) (RMH-14)
15	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	3.69.79.220 3.69.79.220	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:1800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	52.205.162.88 52.205.162.88	14618 (AMAZON-AES) (AMAZON-AES)
39	18

3 172.99.120.135 (United States) 1 redirects

ASN33070 (RMH-14, US)

theflowerfields.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theflowerfields.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

flowerfields-live.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn-prod.hive.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.79.220 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-79-220.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.162.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-162-88.compute-1.amazonaws.com

app.hive.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	azureedge.net flowerfields-live.azureedge.net	5 MB
4	gstatic.com fonts.gstatic.com	61 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 246	75 KB
3	theflowerfields.com 1 redirects theflowerfields.com www.theflowerfields.com	106 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	377 B
2	w55c.net 1 redirects tags.w55c.net — Cisco Umbrella Rank: 5975	2 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2122 pixel.quantserve.com — Cisco Umbrella Rank: 1747	10 KB
2	hive.co cdn-prod.hive.co — Cisco Umbrella Rank: 122986 app.hive.co — Cisco Umbrella Rank: 132015	57 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 108	173 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 112 ajax.googleapis.com — Cisco Umbrella Rank: 728	35 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1892	644 B
1	google.de www.google.de — Cisco Umbrella Rank: 4335	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 203	260 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2156	260 B
39	14

	Domain	Requested by
15	flowerfields-live.azureedge.net	www.theflowerfields.com flowerfields-live.azureedge.net
4	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.theflowerfields.com connect.facebook.net
2	www.facebook.com	www.theflowerfields.com
2	tags.w55c.net	1 redirects www.theflowerfields.com
2	www.googletagmanager.com	www.theflowerfields.com www.googletagmanager.com
2	www.theflowerfields.com	www.theflowerfields.com
1	app.hive.co	ajax.googleapis.com
1	ajax.googleapis.com	cdn-prod.hive.co
1	pixel.quantserve.com	www.theflowerfields.com
1	rules.quantcount.com	secure.quantserve.com
1	www.google.de	www.theflowerfields.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	cdn-prod.hive.co	www.theflowerfields.com
1	fonts.googleapis.com	www.theflowerfields.com
1	theflowerfields.com	1 redirects
39	18

This site contains links to these domains. Also see Links.

Domain
wl.seetickets.us
shop.theflowerfields.com
theflowerfields.seetickets.com
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
www.theflowerfields.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-04-22`	a year	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 07	`2024-02-25` - `2025-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
cdn-prod.hive.co R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.hive.co Amazon RSA 2048 M03	`2024-01-13` - `2025-02-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.theflowerfields.com/
Frame ID: 73E149301CAAADCDF6D55471AAE1223D
Requests: 56 HTTP requests in this frame

Frame: https://app.hive.co/jssdk/iframe-helper/?identifier=125401&identifierType=hiveTourId&sdkHostPageUrl=https%3A%2F%2Fwww.theflowerfields.com%2F&initEventId=HIVE_SDK-wdxeb4rz15&scriptSrc=https%3A%2F%2Fcdn-prod.hive.co%2Fstatic%2Fjs%2Fsdk-loader.js%3Fsef%3D1%26r%3D28522767&signedLoginToken=
Frame ID: 92FC92114F6ADD1AD3C76EA8ABFA8B46
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Flower Fields | Carlsbad, CA

Page URL History Show full URLs

http://theflowerfields.com/ HTTP 307
https://theflowerfields.com/ HTTP 301
https://www.theflowerfields.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

97 %
HTTPS

65 %
IPv6

14
Domains

18
Subdomains

18
IPs

3
Countries

5670 kB
Transfer

6576 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://wl.seetickets.us/theflowerfields
Title: <img width="163" height="163" src="https://flowerfields-live.azureedge.net/wp-content/uploads/2022/01/ticket-icon.png" class="attachment-url size-url" alt="" decoding="async" srcset="https://flowerfields-live.azureedge.net/wp-content/uploads/2022/01/ticket-icon.png 163w, https://flowerfields-live.azureedge.net/wp-content/uploads/2022/01/ticket-icon-150x150.png 150w" sizes="(max-width: 163px) 100vw, 163px" />

Search URL Search Domain Scan URL

URL: https://shop.theflowerfields.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://theflowerfields.seetickets.com/timeslot/the-flower-fields-timed-entry?outputStyle=Default&pageIndex=1&pageSize=30
Title: Buy Tickets

Search URL Search Domain Scan URL

URL: https://theflowerfields.seetickets.com/timeslot/the-flower-fields-timed-entry?outputStyle=Default&pageIndex=1&pageSize=30&_gl=1*1g9s4pj*_ga*MjAyNzIzNzQyNC4xNzAxNjYzMDU3*_ga_3VS838PHQ4*MTcwOTE2MTUxOS4yOS4xLjE3MDkxNjE1NzguMS4wLjA.
Title: BUY TICKETS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheFlowerFields
Title: <img width="17" height="34" src="https://flowerfields-live.azureedge.net/wp-content/uploads/2021/12/fb.png" class="attachment-full size-full" alt="" decoding="async" />

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the_flower_fields/
Title: <img width="31" height="32" src="https://flowerfields-live.azureedge.net/wp-content/uploads/2021/12/ig.png" class="attachment-full size-full" alt="" decoding="async" />

Search URL Search Domain Scan URL

URL: https://twitter.com/TheFlowerFields
Title: <img width="30" height="26" src="https://flowerfields-live.azureedge.net/wp-content/uploads/2021/12/tw.png" class="attachment-full size-full" alt="" decoding="async" />

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theflowerfields.com/ HTTP 307
https://theflowerfields.com/ HTTP 301
https://www.theflowerfields.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://tags.w55c.net/rs?id=81fa346e0a7d4609aa6cad391925f4fd&t=marketing&gtmcb=777475211 HTTP 302
https://tags.w55c.net/rs?sccid=f5907080-f88f-a065-73b3-bbf7ab41a4e2&scc=1&id=81fa346e0a7d4609aa6cad391925f4fd&t=marketing&gtmcb=777475211

39 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.theflowerfields.com/
Redirect Chain

http://theflowerfields.com/
https://theflowerfields.com/
https://www.theflowerfields.com/

265 KB
95 KB

668ms
156ms

Document
text/html

172.99.120.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theflowerfields.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.99.120.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

22628ee4f06fc36463944886c0a4eeca997c0da61fb77481739a0312a8ef577f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 96361
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Mar 2024 11:27:07 GMT
Expires: Mon, 25 Mar 2024 11:27:07 GMT
Keep-Alive: timeout=3
Last-Modified: Mon, 25 Mar 2024 04:51:02 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=31536000 max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: max-age=3600
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Mar 2024 11:27:05 GMT
Expires: Mon, 25 Mar 2024 12:27:06 GMT
Keep-Alive: timeout=3
Location: https://www.theflowerfields.com/
Referrer-Policy: strict-origin-when-cross-origin
Server: Apache
Strict-Transport-Security: max-age=31536000 max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Redirect-By: WordPress
X-XSS-Protection: 1; mode=block

GET
H2 200 defer-home-7347f992cb.css
flowerfields-live.azureedge.net/wp-content/themes/flowerfields/frontend/dist/styles/ 62 KB
8 KB 307ms
100ms Stylesheet
text/css 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerfields-live.azureedge.net/wp-content/themes/flowerfields/frontend/dist/styles/defer-home-7347f992cb.css

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6f5c6261782a074f75f26c9d377abc43a91483ea131e3f91c124156673f5d849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:07 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 13185461
content-length: 7514
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 18:01:02 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vtc
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Tue, 25 Mar 2025 09:44:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
2 KB 137ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Poppins:wght@300;400;500&display=swap

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

254162bf2a90b6957331dff456f604d864e230269aa6570589bdbc2ee60033ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Mar 2024 11:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 11:27:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Mar 2024 11:27:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
84 KB 145ms
59ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WWSZ33

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e79430789148b64663aa7a466b42df75467aad924a985f0f425592a4fefd76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85566
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Mar 2024 11:27:07 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9126b349abc3abd8b5518e1062f8b6c5f55a071562a51872cfaf4ae0465b7bce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba5e56b1f2cc6744d63dd6decfdc064966b2d31a4037dd23b733c7e53f278d76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebe57b53015695703db84a8f7ba64dd69d242a18fb983950c4b06b609ff391eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f18f2f1df1069cc65c550c800bf9d9e2b4353086920a81a770244109b2be10d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e235591b41bb610fe94b0a9865c7db51c28d8a48988df488698ebd7ce325aff4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd36a4d78c5ca64813c553b384b689459c2790da3d96bac48519fccc980deb73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3df145f3d71826e74d2cc5697d8cc8df767acebd56ce9804d3cc5f86ad6ad0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7018a0bed9dbbbd0c0eb09be19a213d3749282fdf1103025582766c0442bba9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f90b3db40d3a416a290ecb680838f15052782ec0bc7bea319ef3ce4167ee44b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Poppins:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.theflowerfields.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 14:28:20 GMT
x-content-type-options: nosniff
age: 334727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 14:28:20 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 140ms
53ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Poppins:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.theflowerfields.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Mar 2024 17:35:13 GMT
x-content-type-options: nosniff
age: 323514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 17:35:13 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 131ms
44ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Poppins:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.theflowerfields.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 18 Mar 2024 15:51:38 GMT
x-content-type-options: nosniff
age: 588929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 15:51:38 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ba916032eeba44a7a77debc347a01ecb798be6a8b84a3be5bda257218163fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d66648db6870e6f2880f9221ab1b76838f842d4dbeebf3c038127cb1b8a1f5a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4d23706d75bfe09a73d5e3336f3e339fdb1e60f32ef40474e7a6003fad52ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaf7135f1eebccd28dd098a1016563c85f7ef3d073534f6dc109081579e6dcbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e814959e86a296dfb588e7dd2676caed42d318564d23f40ddf667be7f0d2ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc066555e3b259862bbd5b3ae2826507d8a6873d8b34fa601fca98528d9cb025

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fc9bc7096d5d5165abd983e5d6d877046fec7935b40ecee1c49d29d5a447cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5290e9cfb137e7f459ac9e38f80e4d0ab6c8b3492384ebc84e5e17930604ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27d04ea83ac8c79e242a14361fc5280af778bcdc0c7ff204f566141e9266153a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK sdk-loader.js Show response
cdn-prod.hive.co/static/js/ 56 KB
57 KB 558ms
434ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-prod.hive.co/static/js/sdk-loader.js?sef=1&r=28522767
Requested by: Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.14.2 /
Resource Hash: 244d756eff735502e60d075ce960a7641ab55af44fc0d5980cb9c94e1f19b502

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 25 Mar 2024 11:27:08 GMT
Last-Modified: Fri, 22 Mar 2024 23:40:42 GMT
Server: nginx/1.14.2
ETag: "65fe16fa-e196"
X-HW: 1711366027.cds327.fr8.hn,1711366027.cds330.fr8.sc,1711366028.cds330.fr8.p
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57750

GET
H2 200 main-464b36005a.js Show response
flowerfields-live.azureedge.net/wp-content/themes/flowerfields/frontend/dist/scripts/ 17 KB
5 KB 113ms
73ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerfields-live.azureedge.net/wp-content/themes/flowerfields/frontend/dist/scripts/main-464b36005a.js

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a0fb87dd764aeef3274a8ee4f214f3751fa5e6231faab1723935aae42c5ae800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:07 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 13185461
content-length: 4946
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 18:01:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vte
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Tue, 25 Mar 2025 09:44:49 GMT

GET
H2 200 lazyload.min.js Show response
flowerfields-live.azureedge.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 112ms
72ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerfields-live.azureedge.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:07 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_HIT
x-cache-info: L1_T2
x-fd-int-roxy-purgeid: 13185461
content-length: 3048
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Feb 2024 18:36:01 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vtd
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Tue, 25 Mar 2025 09:44:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3VS838PHQ4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWSZ33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a834619a0b812a45453e5772211e71c7095ddee43db4a8c4fe8d00b25a26ee5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91084
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Mar 2024 11:27:07 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 137ms
44ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWSZ33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:08 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 01 Apr 2024 11:27:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 135ms
43ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Mar 2024 11:27:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: fIePaoKyms6Biz+ojtzbvTUFdByLYndJbKCXzv5HO2FzYYMuv5lh1R5uRjMOtmUhCKFGIKY/ovyLm/JV90rnLg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=81fa346e0a7d4609aa6cad391925f4fd&t=marketing&gtmcb=777475211
https://tags.w55c.net/rs?sccid=f5907080-f88f-a065-73b3-bbf7ab41a4e2&scc=1&id=81fa346e0a7d4609aa6cad391925f4fd&t=marketing&gtmcb=777475211

42 B
752 B

48ms
47ms

Image
image/gif

3.69.79.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=f5907080-f88f-a065-73b3-bbf7ab41a4e2&scc=1&id=81fa346e0a7d4609aa6cad391925f4fd&t=marketing&gtmcb=777475211

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

HTTP/1.1

Server

3.69.79.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-79-220.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-04cd4bce5270ccf03@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theflowerfields.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Mar 2024 11:27:07 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-04cd4bce5270ccf03@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Mar 2024 11:27:07 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0e8db69464d002a56@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Location: https://tags.w55c.net/rs?sccid=f5907080-f88f-a065-73b3-bbf7ab41a4e2&scc=1&id=81fa346e0a7d4609aa6cad391925f4fd&t=marketing&gtmcb=777475211
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Forwarded-Proto
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hand-sanitizer.png
flowerfields-live.azureedge.net/wp-content/uploads/2022/01/ 311 KB
312 KB 1112ms
1111ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2022/01/hand-sanitizer.png

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

933e80e8db0a64e555a609d9730a4403436625d65cb229f32e835b1790c1baaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:08 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 318686
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 02 Jan 2022 01:24:46 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vtv
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:08 GMT

GET
H2 200 header-logo.png
flowerfields-live.azureedge.net/wp-content/uploads/2022/01/ 64 KB
64 KB 932ms
930ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2022/01/header-logo.png

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9ab5c1ef6e9f297fb8d9e4d639f6de6840bf15b519a24f5106062e97f50d7ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:08 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 65069
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Jan 2022 19:56:45 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vtw
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:08 GMT

GET
H2 200 Screen-Shot-2024-03-13-at-4.10.58-PM.png
flowerfields-live.azureedge.net/wp-content/uploads/2024/03/ 2 MB
2 MB 1150ms
1149ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2024/03/Screen-Shot-2024-03-13-at-4.10.58-PM.png

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

db3fe3d70dea1bc2dc02ec9003b32ee34b38affa6811ed3517079d12ce9612e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:09 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 2539116
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Mar 2024 23:28:36 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vtx
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:08 GMT

GET
H2 200 Spring-into-color_sale_header_v1.jpg
flowerfields-live.azureedge.net/wp-content/uploads/2024/03/ 95 KB
96 KB 1071ms
1070ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2024/03/Spring-into-color_sale_header_v1.jpg

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7a5523e027fb4813ea1d31f4c9092af538996e25d76d6f8198b3a7656775be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:08 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 97739
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 16:48:42 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vtu
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:08 GMT

GET
H2 200 P1004051-2048x1365-1.jpg
flowerfields-live.azureedge.net/wp-content/uploads/2024/02/ 277 KB
278 KB 1110ms
1109ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2024/02/P1004051-2048x1365-1.jpg

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

666d5a86cb454739e76d46d384dc563c1a8264665680497d4f0a78dfdbbe589d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:08 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 283545
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 23:03:45 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vty
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:08 GMT

GET
H2 200 poinsettia.jpg
flowerfields-live.azureedge.net/wp-content/uploads/2024/02/ 210 KB
211 KB 1149ms
1149ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2024/02/poinsettia.jpg

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f5df4f95775aa63517ffcd1e6ebae608360dc8178c5066f92c5520bb808effba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:09 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 215343
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 23:03:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vtz
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:08 GMT

GET
H2 200 ticket-girl.png
flowerfields-live.azureedge.net/wp-content/uploads/2022/01/ 768 KB
769 KB 1153ms
1153ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2022/01/ticket-girl.png

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eda8352e58848fac1706fa5f9c72909ee1081918c20f7298221dbc9718f21bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:09 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 786147
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jan 2022 18:09:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vu0
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:08 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v35/ 37 KB
37 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@400;500;600;700&family=Poppins:wght@300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.theflowerfields.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 07:53:23 GMT
x-content-type-options: nosniff
age: 531224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37764
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:53:23 GMT

GET
H2 200 flower-decor.png
flowerfields-live.azureedge.net/wp-content/themes/flowerfields/frontend/dist/images/ 3 KB
3 KB 463ms
463ms Image
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/themes/flowerfields/frontend/dist/images/flower-decor.png

Requested by

Host: flowerfields-live.azureedge.net
URL: https://flowerfields-live.azureedge.net/wp-content/themes/flowerfields/frontend/dist/styles/defer-home-7347f992cb.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

38784e981aba48cfb0c7003bc66f86a71b33b4fc50d365cb04cbbcfd4b593fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://flowerfields-live.azureedge.net/wp-content/themes/flowerfields/frontend/dist/styles/defer-home-7347f992cb.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:08 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 2967
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 18:01:00 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
x-azure-ref: 20240325T112707Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vu2
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:08 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 144ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3VS838PHQ4&gtm=45je43k0v9130104698z872001943za200&_p=1711366027647&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1158072774.1711366028&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1711366027&sct=1&seg=0&dl=https%3A%2F%2Fwww.theflowerfields.com%2F&dt=The%20Flower%20Fields%20%7C%20Carlsbad%2C%20CA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2828
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3VS838PHQ4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 11:27:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theflowerfields.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 149ms
48ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3VS838PHQ4&cid=1158072774.1711366028&gtm=45je43k0v9130104698z872001943za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3VS838PHQ4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 11:27:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theflowerfields.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 151ms
64ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3VS838PHQ4&cid=1158072774.1711366028&gtm=45je43k0v9130104698z872001943za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=420403571

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 11:27:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-xfRkvr6Fe1nRb.js Show response
rules.quantcount.com/ 160 B
644 B 137ms
41ms Script
application/javascript 2600:9000:223c:1800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-xfRkvr6Fe1nRb.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d05a9f19da0fb621dbd12024412be44179e4747376e2273a4efb9024ddfe12aa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:20:21 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 603
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 16:26:40 GMT
server: AmazonS3
etag: "cd10ad6970ab48599f1f68ddc27061b4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: jvnun9NYEKNtqI5-JHcdpwseF1XpdSPiGMjg7hVE3L43wTwBZLeXcw==

GET
H2 200 522298461283665 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 167ms
167ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/522298461283665?v=2.9.150&r=stable&domain=www.theflowerfields.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

346850ae1ab1adb00da761b53b16d7d26d882c0ef84243030a53a129dd564e9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Mar 2024 11:27:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=65, mss=1294, tbw=62817, tp=-1, tpl=-1, uplat=124, ullat=1
pragma: public
x-fb-debug: 5+z+OM33FpHfi8L8KpLvgVhvBvN2XyafQiuKZF26PJVoRLVTrJTcjpJ/LEC+f452xO4byWaYy9LS4CKhSsWMtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel;r=733356561;source=gtm;rf=0;a=p-xfRkvr6Fe1nRb;url=https%3A%2F%2Fwww.theflowerfields.com%2F;uht=2;fpan=1;fpa=P0-8604532-1711366028039;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0...
pixel.quantserve.com/ 35 B
455 B 54ms
43ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=733356561;source=gtm;rf=0;a=p-xfRkvr6Fe1nRb;url=https%3A%2F%2Fwww.theflowerfields.com%2F;uht=2;fpan=1;fpa=P0-8604532-1711366028039;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=theflowerfields.com;dst=1;et=1711366028179;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.The%20Flower%20Fields%20%7C%20Carlsbad%252C%20CA%2Curl.https%3A%2F%2Fwww%252Etheflowerfields%252Ecom%2F%2Csite_name.The%20Flower%20Fields;ses=29beb410-92aa-41d8-8f68-782c52b1dae9;mdl=

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 11:27:08 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 329763481281284 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 118ms
116ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/329763481281284?v=2.9.150&r=stable&domain=www.theflowerfields.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101%2C178%2C177%2C179%2C184%2C185%2C186%2C182%2C174%2C117%2C119%2C173%2C175%2C108%2C139%2C130%2C134%2C114%2C169%2C209%2C145%2C102%2C112%2C210%2C147%2C106%2C128%2C121%2C109

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

8effd3664b548d4687db24055493c04b18743d73ad67b8f7f736f9f5bdfd4f67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Mar 2024 11:27:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4309, tp=9, tpl=0, uplat=77, ullat=0
pragma: public
x-fb-debug: J0T9Qqf2MzAd6t2EFgo5U0xDfHPrzWL7exjGU59d9QWQNw3k2wBjN4vonk9TuVfBehr5DpWFJ5yvnZqrgyQYTQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 129ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=522298461283665&ev=PageView&dl=https%3A%2F%2Fwww.theflowerfields.com%2F&rl=&if=false&ts=1711366028321&sw=800&sh=600&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711366028319.1472684530&cs_est=true&ler=empty&cdl=API_unavailable&it=1711366028124&coo=false&rqm=GET

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=2754, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 25 Mar 2024 11:27:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 40ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=329763481281284&ev=PageView&dl=https%3A%2F%2Fwww.theflowerfields.com%2F&rl=&if=false&ts=1711366028444&sw=800&sh=600&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711366028319.1472684530&ler=empty&cdl=API_unavailable&it=1711366028124&coo=false&rqm=GET

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=3107, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 25 Mar 2024 11:27:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: cdn-prod.hive.co
URL: https://cdn-prod.hive.co/static/js/sdk-loader.js?sef=1&r=28522767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 07:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:52:38 GMT

GET
H/1.1 200
OK /
app.hive.co/jssdk/iframe-helper/ Frame 92FC 0
0 509ms
131ms Document
text/html 52.205.162.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.hive.co/jssdk/iframe-helper/?identifier=125401&identifierType=hiveTourId&sdkHostPageUrl=https%3A%2F%2Fwww.theflowerfields.com%2F&initEventId=HIVE_SDK-wdxeb4rz15&scriptSrc=https%3A%2F%2Fcdn-prod.hive.co%2Fstatic%2Fjs%2Fsdk-loader.js%3Fsef%3D1%26r%3D28522767&signedLoginToken=
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.162.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-162-88.compute-1.amazonaws.com
Software: nginx/1.14.2 /
Resource Hash

Request headers

Referer: https://www.theflowerfields.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3635
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Mar 2024 11:27:10 GMT
P3P: policyref="https://app.hive.co/w3c/p3p.xml", CP="CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR DEL SAM OTR UNR IND DSP NON COR"
Server: nginx/1.14.2
Vary: Cookie

GET
H2 200 FF-Logo-16x16px-3.png
flowerfields-live.azureedge.net/wp-content/uploads/2022/01/ 637 B
1 KB 636ms
636ms Other
image/png 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2022/01/FF-Logo-16x16px-3.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4c265e3e7f9b8fcde2a573384ae33da4e7455bb6e6b22ba3a41a16d95943b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:11 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 637
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 07 Jan 2022 21:11:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
x-azure-ref: 20240325T112710Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017vyq
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:11 GMT

GET
H/1.1 200
OK splide.min.js Show response
www.theflowerfields.com/wp-content/themes/flowerfields/frontend/assets/source/scripts/ 28 KB
11 KB 470ms
159ms Script
application/javascript 172.99.120.135
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theflowerfields.com/wp-content/themes/flowerfields/frontend/assets/source/scripts/splide.min.js

Requested by

Host: www.theflowerfields.com
URL: https://www.theflowerfields.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.99.120.135 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

b9931aa92c37f3a57999a4faf7c89f62ce847262c5eab55d8ee441a899f8005e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 25 Mar 2024 11:27:11 GMT
Strict-Transport-Security: max-age=31536000, max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 10598
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sun, 20 Nov 2022 19:23:28 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Keep-Alive: timeout=3
Expires: Tue, 25 Mar 2025 11:27:11 GMT

GET
H2 200 Spring-into-color_sale_header_v1.jpg
flowerfields-live.azureedge.net/wp-content/uploads/2024/03/ 95 KB
96 KB 79ms
79ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2024/03/Spring-into-color_sale_header_v1.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7a5523e027fb4813ea1d31f4c9092af538996e25d76d6f8198b3a7656775be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:11 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 13185461
content-length: 97739
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Mar 2024 16:48:42 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-azure-ref: 20240325T112711Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017w0k
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:08 GMT

GET
H2 200 Spring-into-color_v259-pdf.jpg
flowerfields-live.azureedge.net/wp-content/uploads/2024/03/ 406 KB
407 KB 1217ms
1217ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2024/03/Spring-into-color_v259-pdf.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9953b70b33c750af3e1b98f97eef3609a7aee019fb5fbb60f54c12c279a93296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:13 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 415960
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 02 Mar 2024 16:46:09 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-azure-ref: 20240325T112711Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017w0m
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:12 GMT

GET
H2 200 Events-Year-Round-2.jpg
flowerfields-live.azureedge.net/wp-content/uploads/2024/03/ 414 KB
415 KB 1217ms
1217ms Image
image/jpeg 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flowerfields-live.azureedge.net/wp-content/uploads/2024/03/Events-Year-Round-2.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89ed40de8b2d0482bdca1c1b2bc2c5c7177a2abb031111cfaa1528ca9ac08a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.theflowerfields.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 11:27:13 GMT
strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-cache: TCP_MISS
x-fd-int-roxy-purgeid: 13185461
content-length: 424158
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Mar 2024 15:23:39 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-azure-ref: 20240325T112711Z-ncmzm00eh53w3fkz24vfhntekw000000052g000000017w0n
cache-control: max-age=10368000, public
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:27:12 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theflowerfields.com/	1969-12-31 23:59:59	Name: d3dforms_nonce_key Value: fbc8dbfcd18752d488d252a695bd7226
.theflowerfields.com/	1970-01-21 04:58:46	Name: _ga_3VS838PHQ4 Value: GS1.1.1711366027.1.0.1711366027.60.0.0
.theflowerfields.com/	1970-01-21 04:58:46	Name: _ga Value: GA1.1.1158072774.1711366028
.w55c.net/	1970-01-21 04:52:10	Name: wfivefivec Value: GFCybIJa1ROItS2
.quantserve.com/	1970-01-21 04:53:00	Name: mc Value: 66015f8c-344a5-98fe7-ee5d8
.theflowerfields.com/	1970-01-21 04:47:14	Name: __qca Value: P0-8604532-1711366028039
.theflowerfields.com/	1970-01-20 21:32:22	Name: _fbp Value: fb.1.1711366028319.1472684530
app.hive.co/	1970-01-20 19:32:50	Name: cookie_visitor_key Value: c503d01e-da8e-57a4-8651-215e0244e20e
app.hive.co/	1970-01-20 19:22:47	Name: cookie_session_key Value: 6668a8e0-7875-5a75-b922-fcffb1e7ffa5

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/522298461283665?v=2.9.150&r=stable&domain=www.theflowerfields.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.theflowerfields.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.hive.co
cdn-prod.hive.co
connect.facebook.net
flowerfields-live.azureedge.net
fonts.googleapis.com
fonts.gstatic.com
pixel.quantserve.com
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
tags.w55c.net
theflowerfields.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.theflowerfields.com
142.250.186.67
151.139.128.10
157.240.252.13
172.99.120.135
2001:4860:4802:34::36
2600:9000:223c:1800:6:44e3:f8c0:93a1
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:46::45
2a00:1450:4001:812::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::200a
2a00:1450:400c:c00::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.69.79.220
52.205.162.88
0ba916032eeba44a7a77debc347a01ecb798be6a8b84a3be5bda257218163fe7
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50
22628ee4f06fc36463944886c0a4eeca997c0da61fb77481739a0312a8ef577f
244d756eff735502e60d075ce960a7641ab55af44fc0d5980cb9c94e1f19b502
254162bf2a90b6957331dff456f604d864e230269aa6570589bdbc2ee60033ea
27d04ea83ac8c79e242a14361fc5280af778bcdc0c7ff204f566141e9266153a
2e814959e86a296dfb588e7dd2676caed42d318564d23f40ddf667be7f0d2ae8
346850ae1ab1adb00da761b53b16d7d26d882c0ef84243030a53a129dd564e9d
38784e981aba48cfb0c7003bc66f86a71b33b4fc50d365cb04cbbcfd4b593fe2
3df145f3d71826e74d2cc5697d8cc8df767acebd56ce9804d3cc5f86ad6ad0a6
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4c265e3e7f9b8fcde2a573384ae33da4e7455bb6e6b22ba3a41a16d95943b51e
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4e79430789148b64663aa7a466b42df75467aad924a985f0f425592a4fefd76c
4fc9bc7096d5d5165abd983e5d6d877046fec7935b40ecee1c49d29d5a447cd0
666d5a86cb454739e76d46d384dc563c1a8264665680497d4f0a78dfdbbe589d
6f5c6261782a074f75f26c9d377abc43a91483ea131e3f91c124156673f5d849
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89ed40de8b2d0482bdca1c1b2bc2c5c7177a2abb031111cfaa1528ca9ac08a9c
8effd3664b548d4687db24055493c04b18743d73ad67b8f7f736f9f5bdfd4f67
8f90b3db40d3a416a290ecb680838f15052782ec0bc7bea319ef3ce4167ee44b
9126b349abc3abd8b5518e1062f8b6c5f55a071562a51872cfaf4ae0465b7bce
933e80e8db0a64e555a609d9730a4403436625d65cb229f32e835b1790c1baaa
9953b70b33c750af3e1b98f97eef3609a7aee019fb5fbb60f54c12c279a93296
9ab5c1ef6e9f297fb8d9e4d639f6de6840bf15b519a24f5106062e97f50d7ee5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fb87dd764aeef3274a8ee4f214f3751fa5e6231faab1723935aae42c5ae800
a834619a0b812a45453e5772211e71c7095ddee43db4a8c4fe8d00b25a26ee5a
b4d23706d75bfe09a73d5e3336f3e339fdb1e60f32ef40474e7a6003fad52ec9
b9931aa92c37f3a57999a4faf7c89f62ce847262c5eab55d8ee441a899f8005e
ba5e56b1f2cc6744d63dd6decfdc064966b2d31a4037dd23b733c7e53f278d76
bd36a4d78c5ca64813c553b384b689459c2790da3d96bac48519fccc980deb73
cc066555e3b259862bbd5b3ae2826507d8a6873d8b34fa601fca98528d9cb025
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d05a9f19da0fb621dbd12024412be44179e4747376e2273a4efb9024ddfe12aa
d66648db6870e6f2880f9221ab1b76838f842d4dbeebf3c038127cb1b8a1f5a1
d7018a0bed9dbbbd0c0eb09be19a213d3749282fdf1103025582766c0442bba9
db3fe3d70dea1bc2dc02ec9003b32ee34b38affa6811ed3517079d12ce9612e8
e235591b41bb610fe94b0a9865c7db51c28d8a48988df488698ebd7ce325aff4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5290e9cfb137e7f459ac9e38f80e4d0ab6c8b3492384ebc84e5e17930604ec9
eaf7135f1eebccd28dd098a1016563c85f7ef3d073534f6dc109081579e6dcbd
ebe57b53015695703db84a8f7ba64dd69d242a18fb983950c4b06b609ff391eb
eda8352e58848fac1706fa5f9c72909ee1081918c20f7298221dbc9718f21bea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18f2f1df1069cc65c550c800bf9d9e2b4353086920a81a770244109b2be10d7
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f5df4f95775aa63517ffcd1e6ebae608360dc8178c5066f92c5520bb808effba
f7a5523e027fb4813ea1d31f4c9092af538996e25d76d6f8198b3a7656775be7

www.theflowerfields.com Open in urlscan Pro 172.99.120.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

65 %IPv6

14 Domains

18 Subdomains

18 IPs

3 Countries

5670 kBTransfer

6576 kBSize

9 Cookies

7 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theflowerfields.com Open in urlscan Pro
172.99.120.135 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

65 %
IPv6

14
Domains

18
Subdomains

18
IPs

3
Countries

5670 kB
Transfer

6576 kB
Size

9
Cookies

39 HTTP transactions
18 data transactions