keepcalms.com Open in urlscan Pro
2606:4700:20::681a:f5b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://keepcalms.com/user/glamourjewels/
Submission: On January 13 via manual (January 13th 2023, 12:38:12 pm UTC) from IN — Scanned from DE

Summary HTTP 62 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 18 domains to perform 62 HTTP transactions. The main IP is 2606:4700:20::681a:f5b, located in United States and belongs to CLOUDFLARENET, US. The main domain is keepcalms.com. The Cisco Umbrella rank of the primary domain is 254752.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2022. Valid for: a year.

This is the only time keepcalms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:20:... 2606:4700:20::681a:f5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1 1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
18	2606:4700:20:... 2606:4700:20::681a:e5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	99.86.240.40 99.86.240.40	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:206... 2600:9000:206e:fe00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	54.203.32.168 54.203.32.168	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
2	2a04:4e42:41::84 2a04:4e42:41::84	54113 (FASTLY) (FASTLY)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
62	23

5 2606:4700:20::681a:f5b (United States)

ASN13335 (CLOUDFLARENET, US)

keepcalms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.keepcalms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:e5b (United States)

ASN13335 (CLOUDFLARENET, US)

s.keepcalms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
keepcalms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.240.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-40.vie50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:fe00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.32.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-32-168.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:41::84 (Vienna, Austria)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	keepcalms.com keepcalms.com — Cisco Umbrella Rank: 254752 s.keepcalms.com	1 MB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	311 B
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 995 q.stripe.com — Cisco Umbrella Rank: 5906 m.stripe.com — Cisco Umbrella Rank: 991	106 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	331 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2641 log.pinterest.com — Cisco Umbrella Rank: 3739	19 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 727 syndication.twitter.com — Cisco Umbrella Rank: 1011	133 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 95	72 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1108	16 KB
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	5 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 338	17 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	7 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	49 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5983	501 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	58 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 943	6 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3063	6 KB
1	gravatar.com 1 redirects www.gravatar.com — Cisco Umbrella Rank: 3728	344 B
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4071	16 KB
62	18

	Domain	Requested by
21	s.keepcalms.com	keepcalms.com s.keepcalms.com
7	www.facebook.com	keepcalms.com browser.sentry-cdn.com
5	connect.facebook.net	keepcalms.com connect.facebook.net s.keepcalms.com
3	q.stripe.com	keepcalms.com
3	js.stripe.com	keepcalms.com js.stripe.com
2	assets.pinterest.com	s.keepcalms.com assets.pinterest.com
2	platform.twitter.com	s.keepcalms.com platform.twitter.com
2	apis.google.com	s.keepcalms.com apis.google.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	ssl.google-analytics.com	1 redirects keepcalms.com
2	cdnjs.cloudflare.com	keepcalms.com
2	keepcalms.com	browser.sentry-cdn.com
1	log.pinterest.com
1	syndication.twitter.com	platform.twitter.com
1	m.stripe.com	m.stripe.network
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.google.de	keepcalms.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	keepcalms.com
1	static.cloudflareinsights.com	keepcalms.com
1	i0.wp.com	keepcalms.com
1	www.gravatar.com	1 redirects
1	browser.sentry-cdn.com	keepcalms.com
62	25

This site contains links to these domains. Also see Links.

Domain
www.thetfordprintingstudio.com
www.youtube.com
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-01-10` - `2023-05-10`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://keepcalms.com/user/glamourjewels/
Frame ID: 1C5A93366843B1004040D581FC198F82
Requests: 52 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 4BD67122EF95C2D342D74591B610777B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 94786A13C5A79F6AF887DC75FC32C815
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
Frame ID: 3EB7C31ABC4C25DF5E84879CDDE8BD37
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.b80857eee4ff5ba14bb5ed6cd4f37d43.html?origin=https%3A%2F%2Fkeepcalms.com
Frame ID: 8C12EA14CC7D1CFD19B5340CE46A5A37
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

glamourjewels | User Profile | Keep Calm-o-Matic

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

62
Requests

97 %
HTTPS

76 %
IPv6

18
Domains

25
Subdomains

23
IPs

5
Countries

2046 kB
Transfer

4750 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thetfordprintingstudio.com/
Title: Thetford Printing Studio

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=abx4ofZ83rw
Title: Watch our video

Search URL Search Domain Scan URL

URL: https://www.facebook.com/keepcalmgenerator

Search URL Search Domain Scan URL

URL: https://twitter.com/keepcalmomatic

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/keepcalmomatic/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/keep_calmomatic

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.gravatar.com/avatar/80aaf0650bccef37df0b5609c88c3eb2?s=135&r=pg&d=https%3A%2F%2Fs.keepcalms.com%2Fres%2Fkeepcalm%2Fi%2Favatars%2Fdefault_avatar135.png HTTP 302
https://i0.wp.com/s.keepcalms.com/res/keepcalm/i/avatars/default_avatar135.png?ssl=1

Request Chain 29

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1658166461&utmhn=keepcalms.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=glamourjewels%20%7C%20User%20Profile%20%7C%20Keep%20Calm-o-Matic&utmhid=557821730&utmr=-&utmp=%2Fuser%2Fglamourjewels%2F&utmht=1673613487242&utmac=UA-2156704-23&utmcc=__utma%3D8930607.350004040.1673613487.1673613487.1673613487.1%3B%2B__utmz%3D8930607.1673613487.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=492749911&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2156704-23&cid=350004040.1673613487&jid=492749911&_v=5.7.2&z=1658166461 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2156704-23&cid=350004040.1673613487&jid=492749911&_v=5.7.2&z=1658166461 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2156704-23&cid=350004040.1673613487&jid=492749911&_v=5.7.2&z=1658166461&slf_rd=1&random=2076787720

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
keepcalms.com/user/glamourjewels/ 31 KB
9 KB 185ms
164ms Document
text/html 2606:4700:20::681a:f5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b1054a0f3e6326f244b180aea4d4cd51bdda19fae1d8004ba009dec9335dc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: https://keepcalms.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 788e2fe558d5918f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 13 Jan 2023 12:38:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaowRltn%2FcBQLrEUDbCZuOr1oBpeivZjts6AJfRCe6wi%2BJC1jaTV8%2BC7d%2B9egGk1YLMwU%2FpckjlGhEg72vRDVurgeRxpu6iLvV5qSUnGHRWc0F%2FQJQXGHVPGqakrmrXrE9RfxHlBhcEvxQc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-geoip-address: 2a01:4a0:2b::9
x-geoip-country: DE
x-ri-build: jenkins-keepcalm-153-9478-gdc5a52f4c; kc-ubuntu20-sandbox

GET
H2 200 assets.min.304a4c2c.css
s.keepcalms.com/res/keepcalm/css/ 107 KB
20 KB 22ms
20ms Stylesheet
text/css 2606:4700:20::681a:f5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/css/assets.min.304a4c2c.css

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9433f9e3fe4773f123a219b33eb9a1aa4f3d3398c0800e658591b75860e3aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4326
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 Jul 2021 18:19:47 GMT
server: cloudflare
etag: W/"60fdab43-1ac97"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: text/css
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGI4M1Mls1QtHZWl0ujapWJTdjYfFxU8ZUEMcWA5zWztmU1QCVOICF6uzceLz72LWVjLg478%2Bj720W444%2BZPxVP2vmgo5s6%2BFqqDRjN1JgmkqiZX0Q%2BkssYrjqz7B4EEkfwFHnkrl4lVxwmzaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 788e2fe66af9918f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 main.min.b92e0a41.css
s.keepcalms.com/res/keepcalm/css/ 335 KB
50 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:f5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2986303d5e927bf4eeef7bc266e184722470c9f3b52eedc4b0681c995be94a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5369
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 Jul 2021 18:19:47 GMT
server: cloudflare
etag: W/"60fdab43-53c33"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: text/css
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfEX531wTyB1C7QVthavqHzu3pYIA7xH1hR5h2Kg7gRv3s0LWgiDSMTRUAWw2D9%2FfAfqyHkLzY%2BuAM2kXN8gPkKqqb2n3zKHCkRDNfltG1EMDpHtjkLoWd2l5yn5hE7tL4sxF0tR7aQiwBFj%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 788e2fe66afc918f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 libs.3ff87c30.js Show response
s.keepcalms.com/res/keepcalm/js-prod/ 348 KB
115 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:f5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/js-prod/libs.3ff87c30.js

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abd431697cab7c37ea6b24f3c578483ce43f73aa25f634fdc12201f6cc45dce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3771
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 Jul 2021 18:16:35 GMT
server: cloudflare
etag: W/"60fdaa83-56f40"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiXGHSe7Ddju6qVFuPa3IaByII8ssbPqosupd5nx9%2BXKpnIM52yu2fSEB1FQfeLiUDcp1cQ24Tg9RCgH9RtFP2MQ7pxrf2e6dQxHRqw5twa%2BxT9LLZWFmAb8O0Cf4icQGCBtjWhaUJyCTU2UfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 788e2fe66b00918f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.9.1/ 51 KB
16 KB 28ms
9ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.9.1/bundle.min.js

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

297ea7466b446d1c83023e7713b8619a49ce814ef877b1aa8aed20f7a0bdd1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://keepcalms.com/
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 19 Nov 2019 10:29:47 GMT
server: Fastly
age: 5124095
etag: "31ff343b783ff902ada3a13c10d5cb2d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16243
expires: Wed, 15 Nov 2023 05:16:31 GMT

GET
H2

200

default_avatar135.png
i0.wp.com/s.keepcalms.com/res/keepcalm/i/avatars/
Redirect Chain

https://www.gravatar.com/avatar/80aaf0650bccef37df0b5609c88c3eb2?s=135&r=pg&d=https%3A%2F%2Fs.keepcalms.com%2Fres%2Fkeepcalm%2Fi%2Favatars%2Fdefault_avatar135.png
https://i0.wp.com/s.keepcalms.com/res/keepcalm/i/avatars/default_avatar135.png?ssl=1

6 KB
6 KB

40ms
7ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/s.keepcalms.com/res/keepcalm/i/avatars/default_avatar135.png?ssl=1

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

fb18256561ba9f2dcc737ec4c515c1d0357b188df27ecdec09b94b8021b5aa70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Fri, 13 Jan 2023 12:38:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Dec 2022 08:42:44 GMT
server: nginx
etag: "ff3e9f0ade85bbac"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://s.keepcalms.com/res/keepcalm/i/avatars/default_avatar135.png>; rel="canonical"
content-length: 5666
expires: Sat, 28 Dec 2024 20:42:44 GMT

Redirect headers

x-nc: HIT hhn 2
date: Fri, 13 Jan 2023 12:38:07 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: text/html; charset=utf-8
location: https://i0.wp.com/s.keepcalms.com/res/keepcalm/i/avatars/default_avatar135.png?ssl=1
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/80aaf0650bccef37df0b5609c88c3eb2?s=135&r=pg&d=https%3A%2F%2Fs.keepcalms.com%2Fres%2Fkeepcalm%2Fi%2Favatars%2Fdefault_avatar135.png>; rel="canonical"
content-length: 0
expires: Fri, 13 Jan 2023 12:43:07 GMT

GET
H3 200 throbber.gif
s.keepcalms.com/res/keepcalm/i/ 4 KB
5 KB 33ms
32ms Image
image/webp 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/keepcalm/i/throbber.gif

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4de08f4d2295961f2c8aa48edace46fa04d95a88d2e9df5d533a83238c1e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3636
cf-polished: origFmt=gif, origSize=4525
content-disposition: inline; filename="throbber.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3934
cf-bgj: imgq:100,h2pri
last-modified: Sun, 18 Oct 2020 16:51:40 GMT
server: cloudflare
etag: "5f8c729c-11ad"
vary: Accept
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/webp
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQd2OGoG6TLz%2F4vq3FBbwPLVWIDsPisNxf0d0fnrfAdLCBHodWzboMwOJE1LCm5jYnFCbjiqeeqfliF0YCGCSz801OlLHtxMcnrd5a3QCeGBr5bVFWU9i%2FJcgNDEQg4fYqRGZ3XvvlpGt1v%2FKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe6e94b92a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 / Show response
js.stripe.com/v3/ 420 KB
102 KB 113ms
17ms Script
text/javascript 99.86.240.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-40.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3a2cd6ccf0dfee7119888c39e573f0206398e626d05337ed5db356e5987ce96b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 12:37:32 GMT
via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 35
x-cache: Hit from cloudfront
last-modified: Thu, 12 Jan 2023 21:46:45 GMT
server: Cloudfront
etag: W/"ce951024d611e193bc1ff7f00594dc5c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: YTzFj4snP1u6b0Gr0FvA7_1uM9RxOEwxA9MTNoshcFZ_iDXm_2aBaQ==

GET
H2 200 all.92095f9b.js Show response
s.keepcalms.com/res/keepcalm/js-prod/ 165 KB
44 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:f5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/js-prod/all.92095f9b.js

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84bdc9674016d77e1e27fb1e58b4cf96e5b7243421e0eefd2346f1c5b8417634

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3678
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 Jul 2021 18:16:35 GMT
server: cloudflare
etag: W/"60fdaa83-2932a"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwIoSnMas4rVfi1Z4HO4C6peNuULXWNFBxiNVKsfGTuMQmaDjnGpdyf7NYNlkuf6gZhy%2FyyS%2F6q6jqbUpdc13u03HklfmGxCyuFmJ4OKrcTvn21KAPyhxuOEoTvSZgL%2F381iY%2BHZai7Wsp1J9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 788e2fe6bb9f918f-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
2 KB 35ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1956879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmGc6E2EWPruMnYj%2FXIVTtEcLlRPtJZ6zdLLnkkrtsAJ05kxMQfqzTJG2JWZHBeW9BcOR4SIUH6ApPooY8SGieWfc6ob2vQfPhQtwsO1KlZEDa%2Byl9TOqZOcCLhorONhOe6GaQzsHv5aENaqvTnB5TV6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 788e2fe70fb1927a-FRA
expires: Wed, 03 Jan 2024 12:38:07 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 37ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3696782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKtlQiL79nlddVUYtTBpks6FB42%2FsVvCvqSFy6IOuMx5jdx1Tqyyc0eiFbXjZCnrQxzrQ6dqEC3zVk4oc%2FXAgF2%2BUS5M%2BEABD9qZdcArBC4f0uor6wn%2FNhzJh2Qc6oKRdCL6HYH7LCPMKLS74p0WG07%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 788e2fe70fb4927a-FRA
expires: Wed, 03 Jan 2024 12:38:07 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 91ms
70ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://keepcalms.com/
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 788e2fe70e819048-FRA

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 11:51:02 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2825
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 13 Jan 2023 13:51:02 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 40ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 13 Jan 2023 12:38:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: J3e8BtVyQlyBWiUyvpg74SaGdSQTN6dhHH8CLzrahwaq29z1WUaC17lwN6NktfgZ03NK3LOrLOwkStdJ7arKLw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 151 KB
58 KB 110ms
49ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WZGT

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db62462079a3ff452d6b549c2dbfe9c8afd515968e0523d9659250a86f5a33f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58417
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Jan 2023 12:38:07 GMT

GET
H3 200 poster-sprite.png
s.keepcalms.com/res/new/i/poster/ 11 KB
12 KB 16ms
16ms Image
image/webp 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/new/i/poster/poster-sprite.png

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccb038c4dcb056a73b903c243e12440eb0d227b61d6dfd41520946f193b570d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3638
cf-polished: origFmt=png, origSize=17596
content-disposition: inline; filename="poster-sprite.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11258
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2017 14:25:50 GMT
server: cloudflare
etag: "58909e6e-44bc"
vary: Accept
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/webp
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul2%2BDXRCx%2BWhYi8lrnypAhyMJkAwsn11A7hME8M7aFbA0LeRYBIrkl3ZaBs68FTRtave4E31o92oiKEfTGjEWR0FRin%2Fogjdjv808V%2BjZYjxKRSktaAKG575dZzy%2BQ6ZU8sPzD0jjbqDgTrjsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe7098892a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 gothamrounded-medium-webfont.woff
s.keepcalms.com/res/keepcalm/fonts/ 26 KB
27 KB 55ms
41ms Font
application/font-woff 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/fonts/gothamrounded-medium-webfont.woff?v3

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3608d712c34a9a43881efa0b0469fa1b011de69264763489d64936695277dd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: W/"5f8c729d-6998"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4MJj8pODABsOxb3jz09FK3MtnrTAGh6qdQhyrRIb8yu29%2BNTjrBvHLpRGzU0FnXdyOjKFJUF60GsMPhe8Gb%2F4f6Yq%2BklhE6M24VvfPiWPt0zeLHKi90TgSY5XTyCAGu6U%2B7GlCKxl6qkZX1UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 788e2fe72d61997a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 keepcalm-medium-webfont-2.woff
s.keepcalms.com/res/keepcalm/fonts/ 25 KB
25 KB 70ms
56ms Font
application/font-woff 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/fonts/keepcalm-medium-webfont-2.woff?v3

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed549d8c92c9fe7a78df38c4614c0cf2febdc5c85fe4b0eb5b209353d11153d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6307
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: W/"5f8c729d-6290"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wWbaGmE%2BaBqPYE6%2FfHRgxROIp3llbkcgswts7Enf2ps0%2FrfkMnRgurILY1gIVZgJyyJCalF89pK8bSbL2%2FwYQop8RDC6qZ7sgHT51ZDRi7NSm7T3a3AZ1qJYLZSY5l7SK7p9daBdOgUQjOWpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 788e2fe72d65997a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 Nunito-Bold.ttf
s.keepcalms.com/res/keepcalm/fonts/Nunito/ 113 KB
114 KB 71ms
57ms Font
application/octet-stream 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/fonts/Nunito/Nunito-Bold.ttf

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4525fec0d2f1821c3ab039bd089130ed65f14282495321dd768a6bfb34b75902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115852
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: "5f8c729d-1c48c"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WppmGI8zM6xVeptYkWEpfjy5Dud0HjqrsRNnu%2BWfvorOTIWGktXGmgb4aS0QPDlj%2BYZyPapn2YU6i%2FAsE2rhW5Y8R2EN9KWvyTFC8HQDxAlQjdhW%2BYvdlYzNsAr%2FC8%2BTYarkipjTgQSn5v%2BDXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe72d68997a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 lato-reg-webfont.woff
s.keepcalms.com/res/keepcalm/fonts/ 31 KB
32 KB 86ms
72ms Font
application/font-woff 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/fonts/lato-reg-webfont.woff?v3

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8cf79b6ed82b416e4017a26dac09537f92bb7f443b496c634863e7c993b8e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: W/"5f8c729d-7c4c"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFXrsZCpWaPlkfuxuiD24ov0oJ6VFc5AWABVewR5xrynbIe%2BaeZOvA%2B7ueAcxytGbIl0BMAb2S5G2neklDpUCCH%2Bm2XZRA%2BQnekJcOGYjwpSbCFFyTQxYVpjkIwI9p5dKp2AMra0MlSo%2F9wn3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 788e2fe72d6a997a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 tiled-banner-2.jpg
s.keepcalms.com/res/keepcalm/i/banners/ 148 KB
148 KB 17ms
15ms Image
image/jpeg 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/keepcalm/i/banners/tiled-banner-2.jpg

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79de13acef0c1eb53f7b5a22724868985cd74db5796aa9b2703f454bab8f8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124
cf-polished: origSize=151860, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 151203
cf-bgj: imgq:100,h2pri
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: "5f8c729d-25134"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDNXvdduhp1lES5IVArYF2oHKbaDma3LpVt%2B7acaQAFfQ79tY2%2FmSLESalbpu4UpHnPc5YTe6Pimod9LwywBXsFx9W8gknywMqf2ySYWl%2BEKR%2BAtKKt4h8NM6sveL0r182fCGFC%2F4mbYRv8iFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe729a992a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 kc-698504ae.png
s.keepcalms.com/res/keepcalm/i/sprites/ 26 KB
27 KB 42ms
40ms Image
image/webp 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/keepcalm/i/sprites/kc-698504ae.png

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ebaf21fb0d551f3ece857433f11df3285a186d7ea534fed7d09792e92cc72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3638
cf-polished: origFmt=png, origSize=41704
content-disposition: inline; filename="kc-698504ae.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26644
cf-bgj: imgq:100,h2pri
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: "5f8c729d-a2e8"
vary: Accept
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/webp
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPuMzKg2SwSKnGA5SyA4piYR67AusfEDW4p4Hh%2FKKndGwcxsyM5QJSMtMeTFUaSwLqnXi8nFEYODYLHArxxlMD%2FF4KViclxVbkRgi0UnJ%2BVaPb51xwo8VvHKRTa8NOo0wTw%2FmO7zvUtnaVjukQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe729ac92a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 bottom.png
s.keepcalms.com/res/new/i/ 4 KB
5 KB 24ms
22ms Image
image/webp 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/new/i/bottom.png

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/assets.min.304a4c2c.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61db8b14c8c21ba37180aa939f1e8c0228b7e7ae768b249841798e8a9a268e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.keepcalms.com/res/keepcalm/css/assets.min.304a4c2c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3638
cf-polished: origFmt=png, origSize=9578
content-disposition: inline; filename="bottom.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4280
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2017 14:25:50 GMT
server: cloudflare
etag: "58909e6e-256a"
vary: Accept
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/webp
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0Y%2BUeZHWmpm%2FY54R%2FkZsuv5VjRMRNwhJpTddx1n%2BOS9ksexHNjOQ7AtF8TYrzlakCl7pzhj71%2Fc066moGt7t7yJJ1fJaK7PI9WIAdpQMNJ%2F7m1tToY09ZKodxL%2BL1bGUqyYYLVF%2B6UhVBjHcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe729af92a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 foot-pallette.jpg
s.keepcalms.com/res/new/i/poster/ 498 B
1 KB 43ms
41ms Image
image/webp 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/new/i/poster/foot-pallette.jpg

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b53bde9e6415bf4b3e17ece91a3f7a25e2ff500529de45f37349a00098ef07cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3638
cf-polished: origFmt=jpeg, origSize=1427
content-disposition: inline; filename="foot-pallette.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 498
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2017 14:25:50 GMT
server: cloudflare
etag: "58909e6e-593"
vary: Accept
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/webp
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t501lfS3EjRFh3Z1npoLHS13xcc2jbqfbs1JZWF1Ek55imohoeBXTEvJY%2FQ2%2BpRZ2X1uAo35%2BXh8CPgQWTdpVuJ847d%2B6AEBNIO6YRO%2FwzkMpulSaGP%2FCXz%2B5C3q4uWUvg3Y%2FkW3RVLT7qbXeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe729b092a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 footer-bg.png
s.keepcalms.com/res/new/i/poster/ 195 KB
196 KB 44ms
42ms Image
image/webp 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/new/i/poster/footer-bg.png

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799554444a82d8f79ddb6792bf125155952f10ad233108aac8888de7fc0dff18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3638
cf-polished: origFmt=png, origSize=203367
content-disposition: inline; filename="footer-bg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 199918
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2017 14:25:50 GMT
server: cloudflare
etag: "58909e6e-31a67"
vary: Accept
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/webp
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRsxvbWfm6LxYvIkNyHnAHkY%2FSf%2F0xt0WLQuFtVVel%2Ftew7WvWw6bC4BfBH1sAC%2B43PDQm7%2BLJ54Sspcjrxq5AhOx6pMziTIbAxRcVCHL8ZO9L32IepWOAeNstt2tnGy6r5qtQtN1Su51QTomw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe729b192a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 lab-sprite.png
s.keepcalms.com/res/new/i/poster/labels/ 38 KB
39 KB 54ms
52ms Image
image/webp 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/new/i/poster/labels/lab-sprite.png

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de4a0442aadaf545281d8365b70fb5da8f37ebfa4c9f729d1dde8c0dfe2a827c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3638
cf-polished: origFmt=png, origSize=58832
content-disposition: inline; filename="lab-sprite.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39180
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2017 14:25:50 GMT
server: cloudflare
etag: "58909e6e-e5d0"
vary: Accept
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/webp
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrxsbR7vN%2BKbBApmbU52pm3KwFn0v0O3GjoEUVcZayE699yokreHPfMQn3ayjjTvHMNR%2Behb8WfptIV%2FcVn64F9%2Bd8JFw1NY8lwR95T1hZKSfi4Lc6esE97yrqI4a1TOMFSVuNx9Ja%2BmSuK%2BlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe729b392a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 Nunito-Regular.ttf
s.keepcalms.com/res/keepcalm/fonts/Nunito/ 111 KB
112 KB 50ms
48ms Font
application/octet-stream 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/fonts/Nunito/Nunito-Regular.ttf

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a2bf793dd663407f49bcd219fe5abca8d52ce98d47b6063e3843db5d17bcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1725
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 113832
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: "5f8c729d-1bca8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAJnGL5Ag9ZHoJPH2klQClupU%2Fq4MmqR%2FVFqNpBxJrnYfaYJxAnuZ%2Fa9v1WXPFd8ATuSIoTjLqNiId0sAWDy1WnGOap2YNdoVnV2LJRln0OUVTVKIltpkw%2FHolK15MH5YdzyDGO%2FlB%2F5te7dEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe72d6e997a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 soc-sprite1.png
s.keepcalms.com/res/new/i/poster/social/ 9 KB
10 KB 46ms
46ms Image
image/webp 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/new/i/poster/social/soc-sprite1.png?v2

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18deffd8eb035b48c278273038f884210c3965a0fc15e0cd7369716ad7407567

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4145
cf-polished: origFmt=png, origSize=13323
content-disposition: inline; filename="soc-sprite1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9282
cf-bgj: imgq:100,h2pri
last-modified: Tue, 31 Jan 2017 14:25:50 GMT
server: cloudflare
etag: "58909e6e-340b"
vary: Accept
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/webp
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qdtt0Nia9RiWT1znYTuy6ORKRUotFqY%2B0zqsB7QtX7Xb%2BWM0h%2FMZft8D8lahxeSSATO63t9pH1IqtVx2TtuR2NuCEOsF9M7pAph8ZYntf4amo3IikLVmMQ65V1v2YBncl8kqFfnlCu33O9lbnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe729c192a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 lato-bol-webfont.woff
s.keepcalms.com/res/keepcalm/fonts/ 32 KB
32 KB 72ms
72ms Font
application/font-woff 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/fonts/lato-bol-webfont.woff?v3

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c88117173189b615684269a178bbc4e275c5b9c3ea9e4d1a709f7b6aecc80d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: W/"5f8c729d-7e90"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urBrdtzvy8VXKMJ1r7eN%2B2XmIZyiyAa%2FtfAMvrDZXhHmIsnegZhNWuDJZ6Glsn0w3%2BpufGsD23vjL1vzlmlRRh0K5Y7G0RNyWIZoV7R%2BAS6Mz55R3wfqEPLxM%2F6HglCpZs3T0kCPMfkwcBAi%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 788e2fe73d7e997a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1658166461&utmhn=keepcalms.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=glamou...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2156704-23&cid=350004040.1673613487&jid=492749911&_v=5.7.2&z=1658166461
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2156704-23&cid=350004040.1673613487&jid=492749911&_v=5.7.2&z=1658166461
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2156704-23&cid=350004040.1673613487&jid=492749911&_v=5.7.2&z=1658166461&slf_rd=1&random=2076787720

42 B
501 B

121ms
57ms

Image
image/gif

2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2156704-23&cid=350004040.1673613487&jid=492749911&_v=5.7.2&z=1658166461&slf_rd=1&random=2076787720

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 12:38:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 12:38:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2156704-23&cid=350004040.1673613487&jid=492749911&_v=5.7.2&z=1658166461&slf_rd=1&random=2076787720
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1646487118901698 Show response
connect.facebook.net/signals/config/ 376 KB
108 KB 14ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1646487118901698?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

985f98291cc14631e692a8f590257b16e2a052b296b1e7bc547617dec014f8d4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 13 Jan 2023 12:38:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110016
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Kc5zR9DMlja6eV9WWOm7NcYvWhhk7lLTp9LQJTjDF71HXVjcidp96KOZ8RBroIh7J8/O4TJ/Iha7pKZevmceyQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 770812483096761 Show response
connect.facebook.net/signals/config/ 376 KB
107 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/770812483096761?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9417e2c7082e74bc75b442da5f23ff8572508a9dc2487f5c23dd963d4b548011

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 13 Jan 2023 12:38:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109977
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bCRJ+NsiH641I17kOowkqdGHNTS3gmSoDas7MBU+iPcxQy1s2dYUqGqEXNTpy7bo2XeMksdnMMbm4AsJOLw+kw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 kc-logo.svg
s.keepcalms.com/res/keepcalm/i/svgs/icons/ 6 KB
3 KB 21ms
21ms Image
image/svg+xml 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.keepcalms.com/res/keepcalm/i/svgs/icons/kc-logo.svg

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

436dd72f3969c7917a22215e6adcafec046881739bc8ceee3aeb753216c023c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3638
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: W/"5f8c729d-1703"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUe8UNgJmB36CtJmJK%2Bhyhgp6n1u0pYTRisgnEMqQ0g9wf%2BfeeM7UTfAXM%2BctAnLafrha0FkhbsX9MasPP2zD5Y9VDjJowvABGj%2B7F9m71cKRGaDs4ebrEm4P5CeS3lcTiwjz2RC0pKgrBbvOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 788e2fe7eaac92a5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 lato--b400.woff2
s.keepcalms.com/res/keepcalm/fonts/keepcalm-engine/lato/ 178 KB
179 KB 17ms
17ms Font
application/octet-stream 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.keepcalms.com/res/keepcalm/fonts/keepcalm-engine/lato/lato--b400.woff2

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.keepcalms.com/res/keepcalm/css/main.min.b92e0a41.css
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182708
last-modified: Sun, 18 Oct 2020 16:51:41 GMT
server: cloudflare
etag: "5f8c729d-2c9b4"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://keepcalms.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMzwQldV7RK%2FYmMue55348axudgGrZr%2Fmwn%2F1X8EdS7iXjyujVDcOsVPskpVLWJKcSDY4Ph6dorC0cexhvAqlh26TaqT6TqjqkbZU4MRfOi%2FN%2FSkuAs%2BEj62ur8TEc0TWWfsaOLYcZYgGT8aag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 788e2fe7eedb997a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 4BD6 200 B
1 KB 15ms
14ms Document
text/html 99.86.240.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-40.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://keepcalms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1469
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 13 Jan 2023 12:35:46 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 11 Jan 2023 17:29:24 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
x-amz-cf-id: oU4el_Rmxon9rT8997O1k6RoXSaKVMlPB7jgVClbW-2pjYhMkdSpQQ==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 4BD6 0
600 B 555ms
174ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4BD6 0
599 B 556ms
175ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4BD6 631 B
1 KB 14ms
14ms Script
text/javascript 99.86.240.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-40.vie50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 13 Jan 2023 12:02:45 GMT
x-content-type-options: nosniff
via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
age: 2132
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 06 Jan 2023 20:59:46 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jN05vbXhpIZEca3W3d4_8hM-SmzVrFlwVBg92xyCeCGyD3YqblRoeg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 91ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZGT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

306dc6a8783a988bbea318ce7e28d5314a6c753cea59183e16175a4caf0f1fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49353
x-xss-protection: 0
server: cafe
etag: 7284214765076474496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 12:38:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 41ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1646487118901698&ev=PageView&dl=https%3A%2F%2Fkeepcalms.com%2Fuser%2Fglamourjewels%2F&rl=&if=false&ts=1673613487417&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673613487416.247091726&it=1673613487257&coo=false&rqm=GET

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 13 Jan 2023 12:38:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 42ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=770812483096761&ev=PageView&dl=https%3A%2F%2Fkeepcalms.com%2Fuser%2Fglamourjewels%2F&rl=&if=false&ts=1673613487418&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673613487416.247091726&it=1673613487257&coo=false&rqm=GET

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 13 Jan 2023 12:38:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 42ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1646487118901698&ev=ViewContent&dl=https%3A%2F%2Fkeepcalms.com%2Fuser%2Fglamourjewels%2F&rl=&if=false&ts=1673613487419&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1673613487416.247091726&it=1673613487257&coo=false&rqm=GET

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 13 Jan 2023 12:38:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 42ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=770812483096761&ev=ViewContent&dl=https%3A%2F%2Fkeepcalms.com%2Fuser%2Fglamourjewels%2F&rl=&if=false&ts=1673613487420&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1673613487416.247091726&it=1673613487257&coo=false&rqm=GET

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 13 Jan 2023 12:38:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 9478 930 B
2 KB 93ms
17ms Document
text/html 2600:9000:206e:fe00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:fe00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 224
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 13 Jan 2023 12:34:24 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 19e8b9893b6330d5d62599a448aea7da.cloudfront.net (CloudFront)
x-amz-cf-id: ot0UZbMuYhQgAQdOv-I7tKcJMmwfQSfJxOtGWnxqDJsuJBiYtePq1A==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 9478 0
373 B 428ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: keepcalms.com
URL: https://keepcalms.com/user/glamourjewels/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: blue
pragma: no-cache
date: Fri, 13 Jan 2023 12:38:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/ Frame 3EB7 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://keepcalms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 22:42:48 GMT
etag: 10353107486223812946
expires: Thu, 26 Jan 2023 22:42:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 9478 86 KB
14 KB 15ms
15ms Script
text/javascript 2600:9000:206e:fe00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:fe00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 12:35:40 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 19e8b9893b6330d5d62599a448aea7da.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 157
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: YBd5BOdFlxyamtwtVgQWYm8JKLFKqA3b-ACcLvfUzPaW12xcukayMg==

POST
H2 200 6 Show response
m.stripe.com/ Frame 9478 156 B
553 B 583ms
177ms XHR
application/json 54.203.32.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.203.32.168 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-203-32-168.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

031754ac07bdc34a8bdf02e17a2dccf4e0a3ba9c290176940340f2c4c807e3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 13 Jan 2023 12:38:08 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/js-prod/all.92095f9b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

154281df618ef5c5f8db896a18285b69f2038cebf96a66580a5a01d17a98ee53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 12:38:07 GMT
content-md5: DIR0MHZWWjDPZ75z2HyX1Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: w/+03GUlSAX7dvLfC9AD3L8frtGcu7WnmjhzSiYQ07JIiowHe0pv6DBBgJ8v26UXRzZGp2DRWm5RIsHbs7oe2g==
x-fb-content-md5: 4ec158a480d9e16d73bca6842a098ae2
cross-origin-opener-policy: same-origin-allow-popups
etag: "aea1549c3f5ecca46ed7480833f8c3c1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Jan 2023 12:47:37 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/js-prod/all.92095f9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c0fd538b26adf8a809192896df0c4c00b16e4667fd609a49fd7636125a1083

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 12:38:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20933
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "32382e1707655955"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jan 2023 12:38:07 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 487ms
86ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/js-prod/all.92095f9b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0B) /
Resource Hash: d79017446bd9c8daccf264cc72bf93ea09587b4de35dc8d78124e70d39d5c67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 12:38:08 GMT
Content-Encoding: gzip
Age: 1235
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 29164
Last-Modified: Thu, 12 Jan 2023 23:45:01 GMT
Server: ECS (nyb/1D0B)
Etag: "5846c0bb30ad56a931751575bda58e1c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
485 B 44ms
14ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: s.keepcalms.com
URL: https://s.keepcalms.com/res/keepcalm/js-prod/all.92095f9b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 203

POST
H3 204 rum Show response
keepcalms.com/cdn-cgi/ 0
139 B 13ms
12ms XHR
text/plain 2606:4700:20::681a:e5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://keepcalms.com/cdn-cgi/rum?

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.9.1/bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://keepcalms.com/user/glamourjewels/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type: application/json

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://keepcalms.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 788e2fe9cd1b92a5-FRA

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 308 KB
86 KB 20ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=915f267009516b1d2862098f9d312f99

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c401d37b2cf614bc6cb6e5d22707eeb6d1d422948d5cb339fc4e33b93e1ff7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://keepcalms.com/
Origin: https://keepcalms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 12:38:07 GMT
content-md5: d2mZMZJ/UKSmLsgUVLADhA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88287
x-fb-rlafr: 0
x-fb-debug: LOMGLEc5M9JRJ3hCMq8A61OxIWxKeBniKe09jHTPaiXgbqMSx3mFbVaUwrEt3WlHch9/kg9mMbZqdzftwH5a3Q==
x-fb-content-md5: 2e16946af1e745f63534527facde4f03
cross-origin-opener-policy: same-origin-allow-popups
etag: "953b8e1b8be95852a37fdabdb7339d36"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 Jan 2024 11:20:30 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 146 KB
50 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1054ff4b673a0f4fe9e7b4ddd66330a82e6f09f73587fd4b18af8c854c3133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 05:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51245
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 05:24:46 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 14ms
14ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.32323237360505663
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 12:38:07 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 18679

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 39ms
39ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=177054532316756&input_token&origin=1&redirect_uri=https%3A%2F%2Fkeepcalms.com%2Fuser%2Fglamourjewels%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.9.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Fri, 13 Jan 2023 12:38:07 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Z9V9gTR28aKj3g0KYhQLq1BMkhJjyhQbtkGZ2Rj4ijH+8BuIeouyXMPw6k/FcjiUEqpAijSsgrEhi+gHBLUnEg==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://keepcalms.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1646487118901698&ev=Microdata&dl=https%3A%2F%2Fkeepcalms.com%2Fuser%2Fglamourjewels%2F&rl=&if=false&ts=1673613487920&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22glamourjewels%20%7C%20User%20Profile%20%7C%20Keep%20Calm-o-Matic%5Cn%20%20%20%20%20%20%20%20%22%2C%22meta%3Adescription%22%3A%22View%20the%20latest%20poster%20designs%20by%20glamourjewels%20at%20Keep%20Calm-o-matic.%20Create%20your%5Cnown%20profile%20and%20make%20your%20own%20Keep%20Calm%20posters%20and%20merchandise.%22%7D&cd[OpenGraph]=%7B%22twitter%3Asite%22%3A%22%40keepcalmomatic%22%2C%22og%3Atype%22%3A%22keepcalmandcarryon%3Aposter%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fkeepcalms.com%2F%22%2C%22og%3Atitle%22%3A%22The%20Keep%20Calm-o-matic%22%2C%22og%3Adescription%22%3A%22Personalise%20and%20buy%20images%20and%20products%2C%20either%20based%20on%20the%20classic%20World%20War%202%20%27Keep%20Calm%20and%20Carry%20On%27%20slogan%20or%20using%20your%20own%20design%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs.keepcalms.com%2Fres%2Fi%2Fsocial%2Fkeepcalm-fbcard.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Atitle%22%3A%22The%20Keep%20Calm-o-matic%22%2C%22twitter%3Adescription%22%3A%22Create%20and%20share%20personalised%20images%20based%20on%20the%20classic%20%27Keep%20Calm%20and%20Carry%20On%27%20slogan%20and%20buy%20your%20design%20on%20a%20range%20of%20products%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fkeepcalms.com%2F%22%2C%22twitter%3Aimage%3Asrc%22%3A%22https%3A%2F%2Fs.keepcalms.com%2Fres%2Fi%2Fsocial%2Fkeepcalm-twcard.png%22%2C%22twitter%3Aimage%3Awidth%22%3A%22588%22%2C%22twitter%3Aimage%3Aheight%22%3A%22315%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=2&o=30&fbp=fb.1.1673613487416.247091726&it=1673613487257&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 13 Jan 2023 12:38:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=770812483096761&ev=Microdata&dl=https%3A%2F%2Fkeepcalms.com%2Fuser%2Fglamourjewels%2F&rl=&if=false&ts=1673613487922&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22glamourjewels%20%7C%20User%20Profile%20%7C%20Keep%20Calm-o-Matic%5Cn%20%20%20%20%20%20%20%20%22%2C%22meta%3Adescription%22%3A%22View%20the%20latest%20poster%20designs%20by%20glamourjewels%20at%20Keep%20Calm-o-matic.%20Create%20your%5Cnown%20profile%20and%20make%20your%20own%20Keep%20Calm%20posters%20and%20merchandise.%22%7D&cd[OpenGraph]=%7B%22twitter%3Asite%22%3A%22%40keepcalmomatic%22%2C%22og%3Atype%22%3A%22keepcalmandcarryon%3Aposter%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fkeepcalms.com%2F%22%2C%22og%3Atitle%22%3A%22The%20Keep%20Calm-o-matic%22%2C%22og%3Adescription%22%3A%22Personalise%20and%20buy%20images%20and%20products%2C%20either%20based%20on%20the%20classic%20World%20War%202%20%27Keep%20Calm%20and%20Carry%20On%27%20slogan%20or%20using%20your%20own%20design%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs.keepcalms.com%2Fres%2Fi%2Fsocial%2Fkeepcalm-fbcard.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Atitle%22%3A%22The%20Keep%20Calm-o-matic%22%2C%22twitter%3Adescription%22%3A%22Create%20and%20share%20personalised%20images%20based%20on%20the%20classic%20%27Keep%20Calm%20and%20Carry%20On%27%20slogan%20and%20buy%20your%20design%20on%20a%20range%20of%20products%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fkeepcalms.com%2F%22%2C%22twitter%3Aimage%3Asrc%22%3A%22https%3A%2F%2Fs.keepcalms.com%2Fres%2Fi%2Fsocial%2Fkeepcalm-twcard.png%22%2C%22twitter%3Aimage%3Awidth%22%3A%22588%22%2C%22twitter%3Aimage%3Aheight%22%3A%22315%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=2&o=30&fbp=fb.1.1673613487416.247091726&it=1673613487257&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 13 Jan 2023 12:38:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK widget_iframe.b80857eee4ff5ba14bb5ed6cd4f37d43.html Show response
platform.twitter.com/widgets/ Frame 8C12 320 KB
104 KB 86ms
86ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.b80857eee4ff5ba14bb5ed6cd4f37d43.html?origin=https%3A%2F%2Fkeepcalms.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D23) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://keepcalms.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 46223
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Jan 2023 12:38:08 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Thu, 12 Jan 2023 23:32:44 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D23)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8C12 1 KB
766 B 147ms
116ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9170fa09f16165dcdca45e13292ab434a192a8d7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.b80857eee4ff5ba14bb5ed6cd4f37d43.html?origin=https%3A%2F%2Fkeepcalms.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

2f94fc05aed2770f3091bdad9553f85e0ca03c839bcbbc994188b7540b9d5cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 108
date: Fri, 13 Jan 2023 12:38:08 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 13 Jan 2023 12:38:08 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 862ed2532381b7c0
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 23402513b47b8cb5280eff4a3105993ae50700ac9e06919010c1745727ad6190
content-length: 445

GET
H2 200 /
log.pinterest.com/ 0
338 B 190ms
41ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=25F0g6yELvCr&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fkeepcalms.com%2Fuser%2Fglamourjewels%2F&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://keepcalms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 13 Jan 2023 12:38:08 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1178009776547411
content-length: 0
x-served-by: cache-hhn-etou8220025-HHN
pragma: no-cache
server: envoy
x-timer: S1673613489.869300,VS0,VE29
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.keepcalms.com/	1970-01-20 09:13:43	Name: __Secure-sessionid Value: ".eJxljcEKwjAQRH9F9lykhl7cs-LBs-ewTZawYJKSpoem9N9N0aLgcebNYxZwHGVQgAuYOIWcZh3IMyDcOHkKMzQggyZrE49jrRW1J-yoRdUjnivdNRPtpl2usDZQqJQn652JiaEy18Mf-rw9gmS2h7sEZ6P_zmog2dx3PpofCJjTxOsLoKZD_g:1pGJJv:z5tCdGzWtjhNOMLhHaWve3xy75o"
.keepcalms.com/	1970-01-20 18:29:33	Name: __utma Value: 8930607.350004040.1673613487.1673613487.1673613487.1
.keepcalms.com/	1969-12-31 23:59:59	Name: __utmc Value: 8930607
.keepcalms.com/	1970-01-20 13:16:21	Name: __utmz Value: 8930607.1673613487.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.keepcalms.com/	1970-01-20 08:53:34	Name: __utmt Value: 1
.keepcalms.com/	1970-01-20 08:53:35	Name: __utmb Value: 8930607.1.10.1673613487
.keepcalms.com/	1970-01-20 11:03:09	Name: _gcl_au Value: 1.1.1199361334.1673613487
.keepcalms.com/	1970-01-20 11:03:09	Name: _fbp Value: fb.1.1673613487416.247091726
m.stripe.com/	1970-01-20 18:29:33	Name: m Value: c177a498-ed90-421f-9677-f1ad05e8b116395aa4
.keepcalms.com/	1970-01-20 17:39:09	Name: __stripe_mid Value: 7c662fc6-1b8f-4a3b-86a0-9261a262e3c5b5bb4b
.keepcalms.com/	1970-01-20 08:53:35	Name: __stripe_sid Value: 568702c0-1401-4c43-92b3-f5becb6fe3d970f8ee

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
assets.pinterest.com
browser.sentry-cdn.com
cdnjs.cloudflare.com
connect.facebook.net
googleads.g.doubleclick.net
i0.wp.com
js.stripe.com
keepcalms.com
log.pinterest.com
m.stripe.com
m.stripe.network
pagead2.googlesyndication.com
platform.twitter.com
q.stripe.com
s.keepcalms.com
ssl.google-analytics.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gravatar.com
104.244.42.72
151.101.192.84
192.0.77.2
2600:9000:206e:fe00:19:7d10:bd80:93a1
2606:2800:220:de:468:2285:c1:4a3
2606:4700:20::681a:e5b
2606:4700:20::681a:f5b
2606:4700::6810:3865
2606:4700::6811:190e
2a00:1450:4001:806::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c0b::9c
2a00:1450:400d:802::2003
2a00:1450:400d:80d::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:41::84
2a04:4e42::729
2a04:fa87:fffe::c000:4902
54.187.119.242
54.203.32.168
99.86.240.40
031754ac07bdc34a8bdf02e17a2dccf4e0a3ba9c290176940340f2c4c807e3e9
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
154281df618ef5c5f8db896a18285b69f2038cebf96a66580a5a01d17a98ee53
18deffd8eb035b48c278273038f884210c3965a0fc15e0cd7369716ad7407567
1c88117173189b615684269a178bbc4e275c5b9c3ea9e4d1a709f7b6aecc80d4
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25c0fd538b26adf8a809192896df0c4c00b16e4667fd609a49fd7636125a1083
297ea7466b446d1c83023e7713b8619a49ce814ef877b1aa8aed20f7a0bdd1a3
2986303d5e927bf4eeef7bc266e184722470c9f3b52eedc4b0681c995be94a8b
2f94fc05aed2770f3091bdad9553f85e0ca03c839bcbbc994188b7540b9d5cbb
306dc6a8783a988bbea318ce7e28d5314a6c753cea59183e16175a4caf0f1fea
3608d712c34a9a43881efa0b0469fa1b011de69264763489d64936695277dd40
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3a2cd6ccf0dfee7119888c39e573f0206398e626d05337ed5db356e5987ce96b
3b1054ff4b673a0f4fe9e7b4ddd66330a82e6f09f73587fd4b18af8c854c3133
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
436dd72f3969c7917a22215e6adcafec046881739bc8ceee3aeb753216c023c3
4525fec0d2f1821c3ab039bd089130ed65f14282495321dd768a6bfb34b75902
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
61db8b14c8c21ba37180aa939f1e8c0228b7e7ae768b249841798e8a9a268e5e
68ebaf21fb0d551f3ece857433f11df3285a186d7ea534fed7d09792e92cc72d
799554444a82d8f79ddb6792bf125155952f10ad233108aac8888de7fc0dff18
7b1054a0f3e6326f244b180aea4d4cd51bdda19fae1d8004ba009dec9335dc03
84bdc9674016d77e1e27fb1e58b4cf96e5b7243421e0eefd2346f1c5b8417634
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
9417e2c7082e74bc75b442da5f23ff8572508a9dc2487f5c23dd963d4b548011
96a2bf793dd663407f49bcd219fe5abca8d52ce98d47b6063e3843db5d17bcdd
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
985f98291cc14631e692a8f590257b16e2a052b296b1e7bc547617dec014f8d4
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e4de08f4d2295961f2c8aa48edace46fa04d95a88d2e9df5d533a83238c1e70
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a79de13acef0c1eb53f7b5a22724868985cd74db5796aa9b2703f454bab8f8b5
abd431697cab7c37ea6b24f3c578483ce43f73aa25f634fdc12201f6cc45dce7
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b53bde9e6415bf4b3e17ece91a3f7a25e2ff500529de45f37349a00098ef07cc
c401d37b2cf614bc6cb6e5d22707eeb6d1d422948d5cb339fc4e33b93e1ff7b7
c8cf79b6ed82b416e4017a26dac09537f92bb7f443b496c634863e7c993b8e39
ccb038c4dcb056a73b903c243e12440eb0d227b61d6dfd41520946f193b570d0
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d79017446bd9c8daccf264cc72bf93ea09587b4de35dc8d78124e70d39d5c67a
d9433f9e3fe4773f123a219b33eb9a1aa4f3d3398c0800e658591b75860e3aba
db62462079a3ff452d6b549c2dbfe9c8afd515968e0523d9659250a86f5a33f0
de4a0442aadaf545281d8365b70fb5da8f37ebfa4c9f729d1dde8c0dfe2a827c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed549d8c92c9fe7a78df38c4614c0cf2febdc5c85fe4b0eb5b209353d11153d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fb18256561ba9f2dcc737ec4c515c1d0357b188df27ecdec09b94b8021b5aa70

keepcalms.com Open in urlscan Pro 2606:4700:20::681a:f5b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

76 %IPv6

18 Domains

25 Subdomains

23 IPs

5 Countries

2046 kBTransfer

4750 kBSize

11 Cookies

6 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

keepcalms.com Open in urlscan Pro
2606:4700:20::681a:f5b Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

76 %
IPv6

18
Domains

25
Subdomains

23
IPs

5
Countries

2046 kB
Transfer

4750 kB
Size

11
Cookies

62 HTTP transactions
1 data transactions