ordering.ges.com Open in urlscan Pro
170.136.108.111  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=532689%2C5579898&time=1730587322491&url=https%3A%2F%2Fordering.ges.com%2Flogon&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=532689%2C5579898&time=1730587322491&url=https%3A%2F%2Fordering.ges.com%2Flogon&tm=gtmv2&e_ipv6=AQJKFFFpufgt9gAAAZLvCujnx8ergA3Mt1JFvvrNfuD7ho8szqCeWb8Gu6gMYQLGohex6-jRPO15h72mxPYWZJ4VT-UnDQ

Request Chain 85

• https://s.adroll.com/j/pre/D4YKTPGM4NAUFN3GQB5EDB/YRSQACZLQJGSLPM36JWKLB/fpconsent.js HTTP 302
• https://s.adroll.com/j/pre/index.js

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request logon Show response ordering.ges.com/	104 KB 31 KB	1090ms 422ms	Document text/html	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software / Resource Hash d8b5cfa4a3f3d20039250856f3a57e4794ea4602bcaa83884d4e26f216edabb0 Security Headers Name Value Strict-Transport-Security max-age=89999; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Cache-Control no-cache, no-store Connection Keep-Alive Content-Encoding gzip Content-Length 31031 Content-Type text/html; charset=utf-8 Date Sat, 02 Nov 2024 22:41:59 GMT Expires -1 Pragma no-cache Strict-Transport-Security max-age=89999; includeSubDomains Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	bootstrap ordering.ges.com/content/css/	291 KB 76 KB	341ms 182ms	Stylesheet text/css	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 63087bd83f25b6c72cc30d27c30d5a0ccdafc8e4bfdff78e4a8a5c2d7aff4061 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control public, no-cache="Set-Cookie" X-AspNet-Version 4.0.30319 Content-Encoding gzip Connection Keep-Alive Expires Sun, 02 Nov 2025 22:42:00 GMT Content-Length 77070 Date Sat, 02 Nov 2024 22:41:59 GMT Content-Type text/css; charset=utf-8 Last-Modified Sat, 02 Nov 2024 22:42:00 GMT Vary User-Agent, Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	styles ordering.ges.com/content/	15 KB 6 KB	670ms 337ms	Stylesheet text/css	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/content/styles?v=LC_5I7DcObNkT_p4dvziGbVLbSwoj_Ur9zSrZkwHFUs1 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash f267d4ac3bfd4cba78fe90e36b8781e0deca5834dae1ccab523c6e619e31364a Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control public, no-cache="Set-Cookie" X-AspNet-Version 4.0.30319 Content-Encoding gzip Connection Keep-Alive Expires Sun, 02 Nov 2025 22:42:00 GMT Content-Length 5457 Date Sat, 02 Nov 2024 22:41:59 GMT Content-Type text/css; charset=utf-8 Last-Modified Sat, 02 Nov 2024 22:42:00 GMT Vary User-Agent, Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	js Show response ordering.ges.com/scripts/	976 KB 360 KB	866ms 529ms	Script text/javascript	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/scripts/js?v=vHcw9CDlLN6fG5IMJ8arQ6DoJjTwDYvEks8sD5q50RI1 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 8ca5dc36a02587cca334fd0ecb70e3978ba9a9171364698c45d35c8d625c8d9e Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control public, no-cache="Set-Cookie" X-AspNet-Version 4.0.30319 Content-Encoding gzip Expires Sun, 02 Nov 2025 22:42:00 GMT Date Sat, 02 Nov 2024 22:41:59 GMT Content-Type text/javascript; charset=utf-8 Last-Modified Sat, 02 Nov 2024 22:42:00 GMT Vary User-Agent, Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	angular Show response ordering.ges.com/scripts/	154 KB 67 KB	860ms 521ms	Script text/javascript	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/scripts/angular?v=MSt50zjjzH0xdxOCRd574Weh8HAYib-mPnwdSjBRcNM1 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash acec94918fcbc3027f77db1be8ed7c41e2e798467090533cd4b627ded0042236 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control public, no-cache="Set-Cookie" X-AspNet-Version 4.0.30319 Content-Encoding gzip Connection Keep-Alive Expires Sun, 02 Nov 2025 22:42:00 GMT Content-Length 68467 Date Sat, 02 Nov 2024 22:41:59 GMT Content-Type text/javascript; charset=utf-8 Last-Modified Sat, 02 Nov 2024 22:42:00 GMT Vary User-Agent, Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	angular-locale_en-US.js Show response ordering.ges.com/scripts/i18n/	2 KB 1 KB	530ms 182ms	Script application/javascript	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/scripts/i18n/angular-locale_en-US.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 234e03f35462b2e4dc2162df0a988a85e407e3e8bd20e75c2851b2a6ff70aedb Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Vary Accept-Encoding Cache-Control private Content-Encoding gzip ETag "03cd6ee3320db1:0" Connection Keep-Alive Accept-Ranges bytes Content-Length 851 Date Sat, 02 Nov 2024 22:41:59 GMT Content-Type application/javascript Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	jquery.dataTables.min.js Show response ordering.ges.com/scripts/	73 KB 26 KB	684ms 176ms	Script application/javascript	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/scripts/jquery.dataTables.min.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 5af1272b3d3ecd5e66ddfacff25403e0c9393113cd7fd69efb3a93e92d3e3251 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Vary Accept-Encoding Cache-Control private Content-Encoding gzip ETag "03cd6ee3320db1:0" Connection Keep-Alive Accept-Ranges bytes Content-Length 26366 Date Sat, 02 Nov 2024 22:41:59 GMT Content-Type application/javascript Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	app Show response ordering.ges.com/scripts/	24 KB 9 KB	859ms 342ms	Script text/javascript	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/scripts/app?v=ZWQhnKnVMmMqTHXvxFQooxtVTcvK_NPfrroQZV17QZY1 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 00ec2d86521099a5ca81c44e2622d76a27763a278292ac7effa06e45c57a783c Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control public, no-cache="Set-Cookie" X-AspNet-Version 4.0.30319 Content-Encoding gzip Connection Keep-Alive Expires Sun, 02 Nov 2025 22:42:00 GMT Content-Length 8983 Date Sat, 02 Nov 2024 22:41:59 GMT Content-Type text/javascript; charset=utf-8 Last-Modified Sat, 02 Nov 2024 22:42:00 GMT Vary User-Agent, Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	kinetic Show response ordering.ges.com/scripts/	113 KB 39 KB	1067ms 536ms	Script text/javascript	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/scripts/kinetic?v=6BDborWWEpmBjVFa2y2BT2Gjal2F2ggTGjEcCf0tDMU1 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash a2fe2355aba84e9add1888e894de4a74599c62c60387cce3d152df802bb4c6fc Security Headers Name Value Strict-Transport-Security max-age=89999; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=89999; includeSubDomains Cache-Control public, no-cache="Set-Cookie" X-AspNet-Version 4.0.30319 Content-Encoding gzip Connection Keep-Alive Expires Sun, 02 Nov 2025 22:42:00 GMT Content-Length 39505 Date Sat, 02 Nov 2024 22:41:59 GMT Content-Type text/javascript; charset=utf-8 Last-Modified Sat, 02 Nov 2024 22:42:00 GMT Vary User-Agent, Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	colors.css ordering.ges.com/Content/css/	5 KB 2 KB	514ms 179ms	Stylesheet text/css	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/Content/css/colors.css Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 1f6e43630a27ab5e1586effa3c2209a42472a7eac811980296f433615f7c9282 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Vary Accept-Encoding Cache-Control private Content-Encoding gzip ETag "03cd6ee3320db1:0" Connection Keep-Alive Accept-Ranges bytes Content-Length 1657 Date Sat, 02 Nov 2024 22:41:59 GMT Content-Type text/css Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H2	200	js Show response www.googletagmanager.com/gtag/	325 KB 108 KB	97ms 42ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-TY3FK7F7B8 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 70745fd37476335e4c300666ed50a6b5f8ef4f467991c4ba6765ec264facb060 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Sat, 02 Nov 2024 22:42:01 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 02 Nov 2024 22:42:01 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 109825 x-xss-protection 0 server Google Tag Manager
GET H/1.1	200 OK	typekit-bcs3uwn.js Show response ordering.ges.com/Scripts/	26 KB 11 KB	1009ms 337ms	Script application/javascript	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/Scripts/typekit-bcs3uwn.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash a16b19453e08f1981d6ee3bdb8c51c1ab2be15f4de4d739f19625fb2ebbc5be3 Security Headers Name Value Strict-Transport-Security max-age=89999; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=89999; includeSubDomains Vary Accept-Encoding Cache-Control private Content-Encoding gzip ETag "03cd6ee3320db1:0" Connection Keep-Alive Accept-Ranges bytes Content-Length 10352 Date Sat, 02 Nov 2024 22:42:00 GMT Content-Type application/javascript Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	expresso_opaque.png ordering.ges.com/GES/images/	2 KB 3 KB	169ms 169ms	Image image/png	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Show image Full URL https://ordering.ges.com/GES/images/expresso_opaque.png Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 121710fa0d64cf0109f9cee45df93ab3ef0d41fefd01e694ed308700045ad8fc Security Headers Name Value Strict-Transport-Security max-age=89999; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=89999; includeSubDomains Cache-Control private ETag "03cd6ee3320db1:0" Accept-Ranges bytes Content-Length 2481 Date Sat, 02 Nov 2024 22:42:00 GMT Content-Type image/png Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	ges-logo-white.png ordering.ges.com/images/	4 KB 4 KB	189ms 189ms	Image image/png	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Show image Full URL https://ordering.ges.com/images/ges-logo-white.png Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash d4d0de9cebd70a185ca3d0ef5ea9f48fb66c6601179490a1eb5d721406a7b850 Security Headers Name Value Strict-Transport-Security max-age=89999; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=89999; includeSubDomains Cache-Control private ETag "f5e0869c750d51:0" Accept-Ranges bytes Content-Length 3612 Date Sat, 02 Nov 2024 22:42:00 GMT Content-Type image/png Last-Modified Mon, 12 Aug 2019 04:35:46 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	getActiveRegistration Show response ordering.ges.com/api/registration/	4 B 420 B	189ms 189ms	XHR application/json	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/api/registration/getActiveRegistration?projectCode=logon Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/js?v=vHcw9CDlLN6fG5IMJ8arQ6DoJjTwDYvEks8sD5q50RI1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Security Headers Name Value Strict-Transport-Security max-age=89998; includeSubDomains Request headers Referer https://ordering.ges.com/logon X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Response headers Strict-Transport-Security max-age=89998; includeSubDomains Cache-Control no-cache X-AspNet-Version 4.0.30319 Pragma no-cache Expires -1 Content-Length 4 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type application/json; charset=utf-8 X-Powered-By ASP.NET Server Microsoft-IIS/8.5 Vary Accept-Encoding
GET H/1.1	200 OK	GetShowInstanceByProjectCode Show response ordering.ges.com/api/showinstances/	2 B 418 B	695ms 695ms	XHR application/json	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/api/showinstances/GetShowInstanceByProjectCode?projectCode=logon&_=1730587322215 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/js?v=vHcw9CDlLN6fG5IMJ8arQ6DoJjTwDYvEks8sD5q50RI1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=89999; includeSubDomains Request headers Referer https://ordering.ges.com/logon X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Response headers Strict-Transport-Security max-age=89999; includeSubDomains Cache-Control no-cache X-AspNet-Version 4.0.30319 Pragma no-cache Expires -1 Content-Length 2 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type application/json; charset=utf-8 X-Powered-By ASP.NET Server Microsoft-IIS/8.5 Vary Accept-Encoding
GET H/1.1	200 OK	site24x7rum-min.js Show response static.site24x7rum.com/beacon/	186 KB 49 KB	133ms 43ms	Script application/javascript	108.138.36.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=7eb31aeb6026456d77428b25b5693ff4 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/js?v=vHcw9CDlLN6fG5IMJ8arQ6DoJjTwDYvEks8sD5q50RI1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.36.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-58.muc50.r.cloudfront.net Software ZGS / Resource Hash f461ad77a9e37494e2da71724738b648b361f8d4e9177c568d957b89b84aec27 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers Transfer-Encoding chunked Content-Encoding gzip Age 9897 Connection keep-alive X-Content-Type-Options nosniff Via 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront) Access-Control-Allow-Origin * X-Cache Hit from cloudfront X-Amz-Cf-Id 0n86cl7S04n9MRhp-aYtjv0KmZFT8N2-WDDV7wT9qHE4rBZeW4zZZw== Date Sat, 02 Nov 2024 19:57:05 GMT Content-Type application/javascript;charset=ISO-8859-1 Vary accept-encoding Server ZGS X-Amz-Cf-Pop MUC50-P2 X-Frame-Options SAMEORIGIN
GET H2	200	gtm.js Show response www.googletagmanager.com/	337 KB 112 KB	42ms 42ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TKG6TK4 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a1cee7508800894700ede45dad6e6be77b8639d65494ea745ec4857ac1e11227 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Sat, 02 Nov 2024 22:42:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sat, 02 Nov 2024 21:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 114421 x-xss-protection 0 server Google Tag Manager
GET H/1.1	200 OK	expresso_opaque.png ordering.ges.com/GES/images/	2 KB 0	0ms 0ms	Image image/png	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Show image Full URL https://ordering.ges.com/GES/images/expresso_opaque.png Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 121710fa0d64cf0109f9cee45df93ab3ef0d41fefd01e694ed308700045ad8fc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Cache-Control private ETag "03cd6ee3320db1:0" Accept-Ranges bytes Content-Length 2481 Date Sat, 02 Nov 2024 22:42:00 GMT Content-Type image/png Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H2	200	capture-nv.js Show response ws.rightonin.com/scripts/	5 KB 6 KB	361ms 115ms	Script application/javascript	52.4.143.225 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ws.rightonin.com/scripts/capture-nv.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.4.143.225 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-4-143-225.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5ed59d13f0bd99a3fc0fdbc1ce6c18a0639c0b49db67ed379a0b875e2b374a9c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers etag "66b5d59a15dd61:0" accept-ranges bytes content-length 5531 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/javascript last-modified Tue, 07 Apr 2020 19:49:09 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET
GET H2	200	l use.typekit.net/af/4d78e8/00000000000000003b9aefb6/27/	32 KB 32 KB	275ms 155ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/4d78e8/00000000000000003b9aefb6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 8be4bd3be2de026a829c8b4680534b793924f08e17d32690c9a9471af959e892 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "cafc4bff33e24e3927b0cb63ca87f7c720b5b86d" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 32776 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/b683e3/00000000000000003b9b306c/27/	33 KB 33 KB	188ms 69ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/b683e3/00000000000000003b9b306c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash c8d39d12376a2705a9b5cd8344e35f97f9c1d7d53b89808db398d082c12e28b0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "7e2bf51198d2ced5a36f2d4d9e925f0b9fa0fbe5" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33928 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/195095/00000000000000003b9aefb7/27/	32 KB 33 KB	261ms 142ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/195095/00000000000000003b9aefb7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 7158120fdbf126d29259949f8ec9017fdc2d136e2fe7f7fc82c88a24298b953e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "48292edd89d69368df8bc8b83e03819dae80e888" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33264 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/d32834/00000000000000003b9b306d/27/	34 KB 34 KB	250ms 131ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/d32834/00000000000000003b9b306d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i9&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash c19d900b24fc47b2786d014956886724ea4f01df76695d5e4a96c7f777ec5157 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "822c77e04bd202747d88f8fec6dc1a2e3ebe374f" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 34512 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/	32 KB 32 KB	270ms 151ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash a266e11de86ad85e8a31f22f3f3d362b500e59245ef84eda7d781b72273c96b0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "5b1424bf708a1baf048831772af7891cda52e1e0" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 32984 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/949f99/00000000000000003b9b3068/27/	34 KB 34 KB	159ms 40ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "b5fef031a96fc670f9c3b1b64dd52243a29d7531" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 34336 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/29352b/00000000000000003b9aefb9/27/	33 KB 33 KB	193ms 74ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/29352b/00000000000000003b9aefb9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 34999e61b61a93cf7831d4976d1a79a95733db6a3ba41ef0247ee0cc8ccbe406 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "41bd63e072fcddb931e4f5c670a122a6ae75b1a8" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 34028 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/4c4052/00000000000000003b9b3069/27/	35 KB 35 KB	255ms 136ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/4c4052/00000000000000003b9b3069/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 9dcc6573f88dd864cfd51d58ee92a75cdeed2cab32492e58e1c96436f2223eba Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "9b9703c5b759eb477679eb877a148d00687183e5" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 36104 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/e243cc/00000000000000003b9aefe5/27/	30 KB 30 KB	244ms 125ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/e243cc/00000000000000003b9aefe5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 3336d74705aae1c03ed4ac219b0f91d872a62d70ca0a7e3d1dab1dd832170f1c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "a18642fc44553aacbff369b60905792ccb674dec" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 30828 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/c47696/00000000000000003b9b305e/27/	31 KB 31 KB	225ms 106ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/c47696/00000000000000003b9b305e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 288a66e27b9adc72417b596ebbd91701a1e152a09261d141aad9741f488e5834 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "2c9fda2771f6f4c9a67486b096e1fde7cc445b11" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 32052 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/fdad12/00000000000000003b9aefc4/27/	32 KB 32 KB	265ms 146ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/fdad12/00000000000000003b9aefc4/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i1&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 529dcc4244d34df9a8f0e116c2e260b5a5046dfbe0a9978de8e598e4274e12ec Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "d739cc86ad536279929b2d1b145d2b95bc12b972" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 32652 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/c31dbb/00000000000000003b9b305f/27/	33 KB 33 KB	234ms 115ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/c31dbb/00000000000000003b9b305f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i1&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 04836a0a2c4fa665c306e254ffecd509126e4e9e62bd2d1045494028a9021eb4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "27f6caafa622557991bedc5fe1afb69683895451" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33952 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/	31 KB 31 KB	227ms 108ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 4bfa71344815432ab4b5365a2356537db077754717d1d84ced1360a2de60908b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "625d31c6ff36363142e14c9d9cf9f2747ce3803a" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 31984 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/705e94/00000000000000003b9b3062/27/	33 KB 33 KB	277ms 159ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "79fea02668402fc378c129193093131a2db2577c" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33576 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/	33 KB 33 KB	219ms 100ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 793889965167b8d9112fe3f0c45cae6b97f40b930c54c2e079823f153f013962 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "0a37e0f13f84c73347be23130bb6d2063bc1d8a8" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33804 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/	34 KB 34 KB	280ms 162ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 4e8d47f2d51e5c15ed54e8237f827005d675eec474216e7931e534c78ff30158 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "d9c559430b0162ff50e16cf6dad5514fa963f9ff" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 35100 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/aa4f4e/000000000000000000012043/27/	30 KB 30 KB	153ms 35ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/aa4f4e/000000000000000000012043/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 8836ebe51ea15b17270b10a0729fb5950e82921b3710b6f49dbc62a07d5efc26 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "aa9a5e7f0780839bee0d48c2fef9febe6db99d1b" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 30476 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/c225e2/000000000000000000011aff/27/	19 KB 19 KB	285ms 167ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/c225e2/000000000000000000011aff/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash be08b553524afe2516979423c8147de88c9ad54ae7fb1ccdcb14bfcd6f862c7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "aac07d12e2650fd1a93de82aff4c98527ab9f303" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 19028 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H2	200	l use.typekit.net/af/746d18/000000000000000000017190/27/	15 KB 16 KB	283ms 165ms	Font application/font-woff2	2a02:26f0:3500:16::215:148f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/746d18/000000000000000000017190/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash aa21abaf0fc18caaf87009e217b7ca0ecbbd45b4bcb59b651dff9c45e556493a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/ Response headers cache-control public, max-age=31536000 timing-allow-origin * etag "0a31666084c8e6659e2a68dd55eaed8eaee7c3a3" cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 15720 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/font-woff2 server nginx
GET H/1.1	200 OK	sunset-gradient-background-lr.png ordering.ges.com/images/	4 KB 4 KB	185ms 184ms	Image image/png	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Show image Full URL https://ordering.ges.com/images/sunset-gradient-background-lr.png Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 21a71eddaa52c4da9a7cd3542ee651ea811146ed56ad8bb74936db03d9dc7167 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control private ETag "6d0587ecb50d51:0" Accept-Ranges bytes Content-Length 3733 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type image/png Last-Modified Mon, 12 Aug 2019 05:05:00 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	bg-footer-top-grad-x.png ordering.ges.com/content/img/	356 B 785 B	174ms 173ms	Image image/png	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Show image Full URL https://ordering.ges.com/content/img/bg-footer-top-grad-x.png Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 1c4768d00b15501e308c02eb666d6682682182367b8323e9ce0ba79631ea1b47 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Response headers Strict-Transport-Security max-age=90000; includeSubDomains Vary Accept-Encoding Cache-Control private ETag "03cd6ee3320db1:0" Accept-Ranges bytes Content-Length 356 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type image/png Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	404 Not Found	glyphicons-halflings-regular.woff2 ordering.ges.com/content/fonts/	0 0	176ms 176ms	Font text/html	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/content/fonts/glyphicons-halflings-regular.woff2 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control private Content-Encoding gzip Connection Keep-Alive Content-Length 741 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type text/html X-Powered-By ASP.NET Server Microsoft-IIS/8.5 Vary Accept-Encoding
POST H2	204	collect region1.analytics.google.com/g/	0 0	85ms 30ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-TY3FK7F7B8&gtm=45je4au0v9127018508za200&_p=1730587322269&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=78490357.1730587322&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1730587322&sct=1&seg=0&dl=https%3A%2F%2Fordering.ges.com%2Flogon&dt=Expresso%20by%20GES&en=scroll&_fv=1&_nsi=1&_ss=1&ep.debug_mode=false&epn.percent_scrolled=90&tfd=3237 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TY3FK7F7B8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://ordering.ges.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 02 Nov 2024 22:42:02 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 554 B	93ms 29ms	Ping text/plain	2a00:1450:400c:c09::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TY3FK7F7B8&cid=78490357.1730587322&gtm=45je4au0v9127018508za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TY3FK7F7B8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://ordering.ges.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 02 Nov 2024 22:42:02 GMT content-type text/plain server Golfe2
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	63ms 33ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TY3FK7F7B8&cid=78490357.1730587322&gtm=45je4au0v9127018508za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=787566097 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Sat, 02 Nov 2024 22:42:02 GMT x-xss-protection 0 content-type image/gif server cafe
GET H/1.1	200 OK	GetCurrentUser Show response ordering.ges.com/api/userinformation/	4 B 420 B	180ms 180ms	XHR application/json	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/api/userinformation/GetCurrentUser?_=1730587322216 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/js?v=vHcw9CDlLN6fG5IMJ8arQ6DoJjTwDYvEks8sD5q50RI1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers Referer https://ordering.ges.com/logon X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control no-cache X-AspNet-Version 4.0.30319 Pragma no-cache Expires -1 Content-Length 4 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type application/json; charset=utf-8 X-Powered-By ASP.NET Server Microsoft-IIS/8.5 Vary Accept-Encoding
GET H/1.1	200 OK	GetBannerMessage Show response ordering.ges.com/Show/	0 340 B	293ms 176ms	XHR text/plain	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/Show/GetBannerMessage Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/js?v=vHcw9CDlLN6fG5IMJ8arQ6DoJjTwDYvEks8sD5q50RI1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=89998; includeSubDomains Request headers Referer https://ordering.ges.com/logon X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept */* Response headers Strict-Transport-Security max-age=89998; includeSubDomains Cache-Control private X-AspNet-Version 4.0.30319 Content-Length 0 Date Sat, 02 Nov 2024 22:42:01 GMT X-Powered-By ASP.NET X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5
GET H/1.1	200 OK	DashboardShowSearch Show response ordering.ges.com/home/	4 KB 2 KB	327ms 180ms	XHR text/html	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/home/DashboardShowSearch Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/angular?v=MSt50zjjzH0xdxOCRd574Weh8HAYib-mPnwdSjBRcNM1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash eb258eafed47330acb8ea2ad629108882d48eb48518b2a152961f54c23070d45 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control private X-AspNet-Version 4.0.30319 Content-Encoding gzip Connection Keep-Alive Content-Length 1400 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type text/html; charset=utf-8 X-Powered-By ASP.NET X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 Vary Accept-Encoding
POST H3	200	collect www.google.com/ccm/	0 0	76ms 31ms	Ping text/plain	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fordering.ges.com%2Flogon&scrsrc=www.googletagmanager.com&frm=0&rnd=690624527.1730587322&auid=1553018788.1730587322&npa=1&gtm=45He4au0v76093853za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&tft=1730587322354&tfd=3287&apve=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKG6TK4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	123ms 37ms	Script application/javascript	2a02:26f0:3500:10::210:a99 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKG6TK4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers cache-control max-age=39158 content-encoding gzip x-cdn AKAM x-content-type-options nosniff accept-ranges bytes content-length 14628 date Sat, 02 Nov 2024 22:42:02 GMT last-modified Thu, 22 Aug 2024 10:43:55 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding x-amz-server-side-encryption AES256
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 1 KB	211ms 110ms	Script application/x-javascript	184.31.85.59 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-85-59.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 57d030752d740552eb7759a0dd8e487e96ca86b03c0aa53a7e2b1c213ae74f5f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers Content-Encoding gzip ETag "49bb20382072bfb6b798a6f4c6ab8354:1730261707.305765" Connection keep-alive Accept-Ranges bytes Content-Length 746 P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Date Sat, 02 Nov 2024 22:42:02 GMT Content-Type application/x-javascript Last-Modified Wed, 30 Oct 2024 04:15:07 GMT Server AkamaiNetStorage Vary Accept-Encoding
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	43ms 20ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-e7OIaiIj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-e7OIaiIj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4446, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug tJzlZuZXKu7RfX946ZfV8Q4sULr2DSlc74DCZeQXyDNBX2KZzGrY4uuxFcoxB4TKfKpoxnE7zQYog2KqyDcQ0Q== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62086 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/	19 KB 7 KB	94ms 49ms	Script text/javascript	2606:4700::6810:5049 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers cache-control public, max-age=86400 content-encoding gzip etag W/"2024.6.1" cross-origin-resource-policy cross-origin cf-ray 8dc7a2ad1f47d2ef-FRA access-control-allow-origin * date Sat, 02 Nov 2024 22:42:02 GMT content-type text/javascript;charset=UTF-8 last-modified Thu, 06 Jun 2024 15:52:56 GMT vary Accept-Encoding server cloudflare
GET H2	200	uc.js Show response consent.cookiebot.com/	110 KB 34 KB	111ms 42ms	Script application/javascript	2a02:26f0:3500:18::1724:a29d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/uc.js?cbid=fdbe4a89-2068-4914-99f5-b9944eb8ef64&implementation=gtm&consentmode-dataredaction=dynamic&framework=TCFv2.2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKG6TK4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers access-control-expose-headers Request-Context cache-control public, max-age=158 content-encoding gzip etag "42d4c62e8219db1:0" cross-origin-resource-policy cross-origin request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef expires Sat, 02 Nov 2024 22:44:40 GMT accept-ranges bytes content-length 34533 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/javascript last-modified Tue, 08 Oct 2024 13:01:25 GMT vary Accept-Encoding
GET H2	200	sw_iframe.html www.googletagmanager.com/static/service_worker/4al0/ Frame 1FF8	0 0	68ms 22ms	Document text/html	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fordering.ges.com Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKG6TK4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 391179 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1476 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Tue, 29 Oct 2024 10:02:23 GMT expires Wed, 29 Oct 2025 10:02:23 GMT last-modified Mon, 21 Oct 2024 16:58:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	1656858911231711 Show response connect.facebook.net/signals/config/	83 KB 16 KB	113ms 112ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1656858911231711?v=2.9.176&r=stable&domain=ordering.ges.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c9b169208e2b5b8ef127da2daa60db64af3aaf83257df90d5694d326191fcda7 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8UuEaixn' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8UuEaixn' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=77, mss=1232, tbw=70845, tp=67, tpl=0, uplat=91, ullat=0 pragma public x-fb-debug D4RFIvPPZRQ/ufzKgUvDIOOY3MktOOezHjfcimsyNqqRCD51+SXXjYlAQjK5f0CmZf5IIb6y/COETpJtX4FR6Q== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top cross-origin-opener-policy-report-only restrict-properties;report-to="coop_report" x-xss-protection 0 origin-agent-cluster ?1
GET H/1.1	200 OK	glyphicons-halflings-regular.woff ordering.ges.com/content/fonts/	23 KB 23 KB	178ms 177ms	Font font/x-woff	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/content/fonts/glyphicons-halflings-regular.woff Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ordering.ges.com Referer https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control private ETag "03cd6ee3320db1:0" Accept-Ranges bytes Content-Length 23424 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type font/x-woff Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 619 B	228ms 178ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ordering.ges.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept * Content-Type text/plain;charset=UTF-8 Response headers linkedin-action 1 x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 51E1DFC96D7B441F95313E52BE0BAE43 Ref B: FRAEDGE1510 Ref C: 2024-11-02T22:42:02Z x-li-fabric prod-ltx1 access-control-allow-credentials true x-li-uuid AAYl9cKd/FsHhNA+/D6aGQ== x-li-proto http/2 access-control-allow-origin https://ordering.ges.com x-cache CONFIG_NOCACHE date Sat, 02 Nov 2024 22:42:02 GMT vary Origin
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 810 B	176ms 129ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=532689%2C5579898&time=1730587322491&url=https%3A%2F%2Fordering.ges.com%2Flogon&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept * Referer https://ordering.ges.com/ Response headers x-li-pop afd-prod-lva1-x content-encoding gzip x-fs-uuid 000625f5c29db115298a6ef939708d51 x-msedge-ref Ref A: AD02206101644955913F914F81FFF9EC Ref B: FRAEDGE1514 Ref C: 2024-11-02T22:42:02Z x-li-fabric prod-lva1 x-restli-protocol-version 1.0.0 access-control-allow-methods GET, OPTIONS x-li-uuid AAYl9cKdsRUpim75OXCNUQ== x-li-proto http/2 access-control-allow-origin * x-cache CONFIG_NOCACHE date Sat, 02 Nov 2024 22:42:01 GMT content-type application/json access-control-allow-headers *
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=532689%2C5579898&time=1730587322491&url=https%3A%2F%2Fordering.ges.com%2Flogon&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=532689%2C5579898&time=1730587322491&url=https%3A%2F%2Fordering.ges.com%2Flogon&tm=gtmv2&e_ipv6=AQJKFFFpufgt9gAAAZLvCujnx8ergA3Mt1JFvvrNfuD7ho8szq...	0 265 B	199ms 135ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=532689%2C5579898&time=1730587322491&url=https%3A%2F%2Fordering.ges.com%2Flogon&tm=gtmv2&e_ipv6=AQJKFFFpufgt9gAAAZLvCujnx8ergA3Mt1JFvvrNfuD7ho8szqCeWb8Gu6gMYQLGohex6-jRPO15h72mxPYWZJ4VT-UnDQ Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers linkedin-action 1 x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 6204C8E9715E49D1982608CDC20EEB7B Ref B: AMS04EDGE2605 Ref C: 2024-11-02T22:42:02Z x-li-fabric prod-lva1 x-li-uuid AAYl9cKgrQScch9xQudK0w== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/javascript Redirect headers linkedin-action 1 x-li-pop afd-prod-lva1-x location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=532689%2C5579898&time=1730587322491&url=https%3A%2F%2Fordering.ges.com%2Flogon&tm=gtmv2&e_ipv6=AQJKFFFpufgt9gAAAZLvCujnx8ergA3Mt1JFvvrNfuD7ho8szqCeWb8Gu6gMYQLGohex6-jRPO15h72mxPYWZJ4VT-UnDQ x-msedge-ref Ref A: 1959E8B52BC04179A5BF0413F9D76B40 Ref B: FRAEDGE1510 Ref C: 2024-11-02T22:42:02Z x-li-fabric prod-lva1 x-li-uuid AAYl9cKdrUJEXFzAmsig/w== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Sat, 02 Nov 2024 22:42:02 GMT
GET H2	200	bc-v4.min.html consentcdn.cookiebot.com/sdk/ Frame 62AF	0 0	106ms 36ms	Document text/html	2a02:26f0:3500:887::f09 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consentcdn.cookiebot.com/sdk/bc-v4.min.html Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=fdbe4a89-2068-4914-99f5-b9944eb8ef64&implementation=gtm&consentmode-dataredaction=dynamic&framework=TCFv2.2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash Request headers Referer https://ordering.ges.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control max-age=31536000 content-encoding gzip content-length 392 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 02 Nov 2024 22:42:02 GMT etag "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163" expires Sun, 02 Nov 2025 22:42:02 GMT last-modified Mon, 04 Apr 2022 07:23:49 GMT server AkamaiNetStorage server-timing cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1730587322597_388276618_572750947_17_746_34_37_255";dur=1 vary Accept-Encoding x-akamai-transformed 9 - 0 pmb=mRUM,1
GET H2	200	consent-sdk-2.2.js Show response consent.cookiebot.com/Framework/IAB/	275 KB 86 KB	41ms 40ms	Script application/javascript	2a02:26f0:3500:18::1724:a29d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/Framework/IAB/consent-sdk-2.2.js Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=fdbe4a89-2068-4914-99f5-b9944eb8ef64&implementation=gtm&consentmode-dataredaction=dynamic&framework=TCFv2.2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f0af356d5aa34824c2cfe4ed16fd050a2642d3e523b886b8731e0e9dbcc966d9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers access-control-expose-headers Request-Context cache-control public, max-age=193 content-encoding gzip etag "42d4c62e8219db1:0" request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef expires Sat, 02 Nov 2024 22:45:15 GMT accept-ranges bytes content-length 87933 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/javascript last-modified Tue, 08 Oct 2024 13:01:25 GMT vary Accept-Encoding
GET H2	200	cc.js Show response consent.cookiebot.com/fdbe4a89-2068-4914-99f5-b9944eb8ef64/	372 B 596 B	132ms 131ms	Script application/x-javascript	2a02:26f0:3500:18::1724:a29d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/fdbe4a89-2068-4914-99f5-b9944eb8ef64/cc.js?renew=false&referer=ordering.ges.com&dnt=false&init=false&framework=TCFv2.2 Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=fdbe4a89-2068-4914-99f5-b9944eb8ef64&implementation=gtm&consentmode-dataredaction=dynamic&framework=TCFv2.2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:18::1724:a29d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash d174b1796f2901296abc7d940ed19da8bc642cb1f97da62d18615a8f68aa7c75 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers cache-control private, max-age=60 access-control-expose-headers Request-Context content-encoding gzip cross-origin-resource-policy cross-origin request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef content-length 359 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding
GET H3	200	315742662184285 Show response connect.facebook.net/signals/config/	25 KB 3 KB	65ms 64ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/315742662184285?v=2.9.176&r=stable&domain=ordering.ges.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e732523f41df33a8cc3591e739ccabdcad083def92a040880bb705a6c0dffdd Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SqfgF68M' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SqfgF68M' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=91, mss=1232, tbw=87995, tp=84, tpl=0, uplat=44, ullat=0 pragma public x-fb-debug YagYDCySTnbMV/CwqMKnyNmky/qrF4WhlLAQ9WqRzCSp1mcdOi9VeONuuvVpR9qg6JAUD5S6vRvgNaAwo+Ezzg== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	/ www.facebook.com/tr/	0 274 B	71ms 21ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1656858911231711&ev=PageView&dl=https%3A%2F%2Fordering.ges.com%2Flogon&rl=&if=false&ts=1730587322580&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730587322577.78431861086095160&cs_est=true&ler=empty&cdl=API_unavailable&it=1730587322447&coo=false&rqm=GET Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1328, tbw=2923, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 02 Nov 2024 22:42:02 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	205ms 155ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1656858911231711&ev=PageView&dl=https%3A%2F%2Fordering.ges.com%2Flogon&rl=&if=false&ts=1730587322580&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730587322577.78431861086095160&cs_est=true&ler=empty&cdl=API_unavailable&it=1730587322447&coo=false&rqm=FGET Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432815950957987368"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 02 Nov 2024 22:42:02 GMT content-type image/png vary Accept-Encoding x-fb-debug xnq5ODGRReSS8+MvRrzlhEjVahf7/AuFddN4jrcTE98u0m0ZwRBfi/TKcajbjZkgOlCUWObZ04+vIHTdVuTa8A== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432815950957987368", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=24, rtx=0, c=14, mss=1328, tbw=3436, tp=-1, tpl=-1, uplat=134, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/163/	11 KB 5 KB	40ms 39ms	Script application/x-javascript	184.31.85.59 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/163/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/munchkin.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.31.85.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-85-59.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers Cache-Control max-age=8640000 Content-Encoding gzip ETag "ea7826f34518d7c2295738f39c7640fa:1672972000.238769" Connection keep-alive Expires Mon, 10 Feb 2025 22:42:02 GMT Accept-Ranges bytes P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Length 4741 Date Sat, 02 Nov 2024 22:42:02 GMT Content-Type application/x-javascript Last-Modified Fri, 06 Jan 2023 02:26:40 GMT Server AkamaiNetStorage Vary Accept-Encoding
GET H2	200	p.gif p.typekit.net/	35 B 205 B	142ms 41ms	Image image/gif	2a02:26f0:3500:16::215:1495 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://p.typekit.net/p.gif?s=1&k=bcs3uwn&ht=tk&h=ordering.ges.com&f=137.138.139.140.171.172.175.176.2030.2032.25163&a=7472013&js=1.19.2&app=typekit&e=js&_=1730587322596 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers cache-control public, max-age=604800 etag "64c3b732-23" cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 35 date Sat, 02 Nov 2024 22:42:02 GMT content-type image/gif last-modified Fri, 28 Jul 2023 12:40:18 GMT server nginx
POST H/1.1	200 OK	visitWebPage 504-cpv-056.mktoresp.com/webevents/	2 B 318 B	1147ms 190ms	Ping text/plain	192.28.147.68 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://504-cpv-056.mktoresp.com/webevents/visitWebPage?_mchNc=1730587322643&_mchCn=&_mchId=504-CPV-056&_mchTk=_mch-ges.com-1730587322641-47117&_mchHo=ordering.ges.com&_mchPo=&_mchRu=%2Flogon&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp= Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/163/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.28.147.68 , United States, ASN15224 (OMNITURE, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers Transfer-Encoding chunked X-Request-Id 0e846cd0-a45b-424b-a786-ac8c2aba3f76 Content-Encoding gzip Connection keep-alive Access-Control-Allow-Origin * Date Sat, 02 Nov 2024 22:42:03 GMT Content-Type text/plain; charset=UTF-8 Server nginx/1.20.1
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.5.2/	84 KB 30 KB	79ms 21ms	Script text/javascript	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding gzip age 284123 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 15:46:39 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 15:46:39 GMT last-modified Tue, 03 Mar 2020 19:15:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 30082 x-xss-protection 0 server sffe
GET H3	200	589904318025115 Show response connect.facebook.net/signals/config/	25 KB 3 KB	101ms 100ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/589904318025115?v=2.9.176&r=stable&domain=ordering.ges.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash acc5dbd57617002357d6f994954b9e77b7ccdb3321d020140ee94cdf0a0816a7 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FyXVxWof' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FyXVxWof' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=94, mss=1232, tbw=91881, tp=90, tpl=0, uplat=79, ullat=0 pragma public x-fb-debug TXz38R/Z2P7sXf2B3OvCoAGYwe4L27grKvbzFcfqaxEL4Rshi7tXYcNZMcEu/+RmsD+rdb2a2OXPnz9Nsr3faw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top cross-origin-opener-policy-report-only restrict-properties;report-to="coop_report" x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	/ www.facebook.com/tr/	0 103 B	21ms 21ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=315742662184285&ev=PageView&dl=https%3A%2F%2Fordering.ges.com%2Flogon&rl=&if=false&ts=1730587322653&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730587322577.78431861086095160&ler=empty&cdl=API_unavailable&it=1730587322447&coo=false&rqm=GET Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=14, mss=1328, tbw=3289, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 02 Nov 2024 22:42:02 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 846 B	178ms 177ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=315742662184285&ev=PageView&dl=https%3A%2F%2Fordering.ges.com%2Flogon&rl=&if=false&ts=1730587322653&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730587322577.78431861086095160&ler=empty&cdl=API_unavailable&it=1730587322447&coo=false&rqm=FGET Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432815951373302925"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 02 Nov 2024 22:42:02 GMT content-type image/png vary Accept-Encoding x-fb-debug B59876CHGICuyFdF8p08bPfllNwmMB6QOSs0b9OmbtdzKZnn33Wkd59GeOTG0FSjyLOXO1JM0rzUosxKiBE4KQ== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432815951373302925", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=14, mss=1328, tbw=6250, tp=-1, tpl=-1, uplat=157, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H/1.1	200 OK	spinner.html Show response ordering.ges.com/App/_Common/Templates/	223 B 652 B	171ms 170ms	XHR text/html	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/App/_Common/Templates/spinner.html Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/angular?v=MSt50zjjzH0xdxOCRd574Weh8HAYib-mPnwdSjBRcNM1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash d93e1cefe75dd1be1a3057406d50d975e82d4d6d956e9ae77cc8c3164c467036 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Vary Accept-Encoding Cache-Control private ETag "03cd6ee3320db1:0" Accept-Ranges bytes Content-Length 223 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type text/html Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	companies Show response ordering.ges.com/api/	4 KB 2 KB	213ms 213ms	XHR application/json	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/api/companies Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/angular?v=MSt50zjjzH0xdxOCRd574Weh8HAYib-mPnwdSjBRcNM1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash c500762c16a65f9c7a5ddf373fe658057fc9ae678eb984bff476a4ea707e4f57 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control no-cache X-AspNet-Version 4.0.30319 Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires -1 Content-Length 1218 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type application/json; charset=utf-8 X-Powered-By ASP.NET Server Microsoft-IIS/8.5 Vary Accept-Encoding
GET H2	200	plugins-nv.js Show response ws.rightonin.com/scripts/	4 KB 4 KB	117ms 116ms	Script application/javascript	52.4.143.225 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ws.rightonin.com/scripts/plugins-nv.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.4.143.225 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-4-143-225.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 9ba5032618d589ea8a0cc86ea307e31874ae74f2e9c77d8df1c9503b91861aa2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers etag "d0a6ad1fc92d01:0" accept-ranges bytes content-length 3856 date Sat, 02 Nov 2024 22:42:02 GMT content-type application/javascript last-modified Wed, 20 May 2015 12:59:33 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET
GET H3	200	/ www.facebook.com/tr/	0 19 B	23ms 23ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=589904318025115&ev=PageView&dl=https%3A%2F%2Fordering.ges.com%2Flogon&rl=&if=false&ts=1730587322760&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730587322577.78431861086095160&ler=empty&cdl=API_unavailable&it=1730587322447&coo=false&rqm=GET Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4794, tp=12, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 02 Nov 2024 22:42:02 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 196 B	104ms 104ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=589904318025115&ev=PageView&dl=https%3A%2F%2Fordering.ges.com%2Flogon&rl=&if=false&ts=1730587322760&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730587322577.78431861086095160&ler=empty&cdl=API_unavailable&it=1730587322447&coo=false&rqm=FGET Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432815951771567243"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 02 Nov 2024 22:42:02 GMT content-type image/png vary Accept-Encoding x-fb-debug LvHvvsIjcXCRozslTuvL+Qjn8A7LkvqfhVoCjoSeh+rSz1JeE7+KPJi/pRtfFk2Ug62qPeHC8vickOtV/M/mPg== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432815951771567243", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=22, rtx=0, c=24, mss=1232, tbw=5162, tp=15, tpl=0, uplat=80, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	88 KB 28 KB	129ms 40ms	Script text/javascript	2600:9000:2644:cc00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: ordering.ges.com URL: https://ordering.ges.com/logon Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2644:cc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers Access-Control-Max-Age 600 Content-Encoding gzip X-Amz-Version-Id XRapE5DFdXRGc5myIfsDq4zGHQVtai2E Etag W/"792eca3181a87960d692c005437f63e0" Age 2860 Access-Control-Allow-Methods GET X-Cache Hit from cloudfront X-Amz-Cf-Id A7rWneKYv-ds5WC35YGBsyFwM24l2KpMe5LXDpWo05H6G52ZZlRnOQ== Date Sat, 02 Nov 2024 21:54:23 GMT Content-Type text/javascript Vary accept-encoding Last-Modified Tue, 15 Oct 2024 15:51:52 GMT Access-Control-Allow-Headers * Transfer-Encoding chunked Cache-Control max-age=3600, must-revalidate Connection keep-alive Access-Control-Allow-Credentials false Via 1.1 56a77d6c9e6b49fa4179a99507a9582e.cloudfront.net (CloudFront) Access-Control-Allow-Origin * X-Amz-Cf-Pop FRA60-P6 Server AmazonS3 X-Amz-Server-Side-Encryption AES256
GET H/1.1	200 OK	MultiNoun.jsonp Show response c.la2-c2-ord.salesforceliveagent.com/chat/rest/System/	238 B 598 B	918ms 165ms	Script text/javascript	13.110.60.112 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://c.la2-c2-ord.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[573400000004CLb,57340000000Kzez,573400000004CLq,57340000000Kzf2,57340000000Kzew,573400000004CLg]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572400000004CLg&org_id=00D400000009GL4&version=40 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/js?v=vHcw9CDlLN6fG5IMJ8arQ6DoJjTwDYvEks8sD5q50RI1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.110.60.112 , United States, ASN14340 (SALESFORCE, US), Reverse DNS dcl5-ncg1-c5-iad4.la2-c2-ia4.salesforceliveagent.com Software / Resource Hash b36a6d7a0caf1386bc4ac818a9ce4c065d033c624cb1a03550094be07918e142 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers Cache-Control no-cache Content-Encoding gzip Pragma no-cache Connection close Access-Control-Allow-Credentials true X-Content-Type-Options nosniff Expires -1 Access-Control-Allow-Origin * Content-Type text/javascript
GET H/1.1	200 OK	1.gif imgsct.cookiebot.com/	35 B 744 B	110ms 38ms	Image image/gif	2a02:26f0:3500:887::f09 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://imgsct.cookiebot.com/1.gif?dgi=fdbe4a89-2068-4914-99f5-b9944eb8ef64 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers x-goog-metageneration 1 Access-Control-Expose-Headers * x-goog-hash crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ== ETag "c2196de8ba412c60c22ab491af7b1409" x-goog-stored-content-encoding identity x-goog-stored-content-length 35 Date Sat, 02 Nov 2024 22:42:02 GMT Last-Modified Mon, 23 Oct 2023 11:39:32 GMT Content-Type image/gif X-GUploader-UploadID AHmUCY2hP6F9qvO3J7YJSEai6MTc0SnI_uKwlwStwWjl6CHar43h8H3fsmMHkFp8pZf-jRVwNLl-hRKntg Cache-Control public,max-age=1800 x-goog-storage-class STANDARD Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Origin * x-goog-generation 1698061172769999 Content-Length 35 Server UploadServer
POST H2	200	data col.site24x7rum.com/rum/	0 0	666ms 263ms	Ping application/json	54.69.101.251 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://col.site24x7rum.com/rum/data Requested by Host: static.site24x7rum.com URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=7eb31aeb6026456d77428b25b5693ff4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.69.101.251 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-69-101-251.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://ordering.ges.com/ Response headers
POST H2	204	rum Show response cloudflareinsights.com/cdn-cgi/	0 37 B	27ms 26ms	XHR text/plain	2606:4700::6810:4f49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflareinsights.com/cdn-cgi/rum Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type application/json Referer https://ordering.ges.com/ Response headers access-control-max-age 86400 access-control-allow-credentials true access-control-allow-methods POST,OPTIONS x-content-type-options nosniff cf-ray 8dc7a2b09e081976-FRA access-control-allow-origin https://ordering.ges.com date Sat, 02 Nov 2024 22:42:02 GMT vary Origin server cloudflare x-frame-options DENY
OPTIONS H2	200	rum cloudflareinsights.com/cdn-cgi/ Frame	0 0	82ms 26ms	Preflight text/plain	2606:4700::6810:4f49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflareinsights.com/cdn-cgi/rum Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://ordering.ges.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-methods POST,OPTIONS access-control-allow-origin https://ordering.ges.com access-control-max-age 86400 cf-ray 8dc7a2b06de51976-FRA content-encoding gzip content-type text/plain date Sat, 02 Nov 2024 22:42:02 GMT server cloudflare vary Origin x-content-type-options nosniff x-frame-options DENY
GET H/1.1	200 OK	filter Show response ordering.ges.com/api/companies/	4 B 420 B	178ms 178ms	XHR application/json	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/api/companies/filter?ID=00000000-0000-0000-0000-000000000000&Domain=ordering.ges.com Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/angular?v=MSt50zjjzH0xdxOCRd574Weh8HAYib-mPnwdSjBRcNM1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Security Headers Name Value Strict-Transport-Security max-age=89999; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=89999; includeSubDomains Cache-Control no-cache X-AspNet-Version 4.0.30319 Pragma no-cache Expires -1 Content-Length 4 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type application/json; charset=utf-8 X-Powered-By ASP.NET Server Microsoft-IIS/8.5 Vary Accept-Encoding
GET H/1.1	200 OK	favicon.ico ordering.ges.com/	1 KB 2 KB	173ms 173ms	Other image/x-icon	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 2c8f5b12fed5ee473806061071b3a971781aba0d7e21078116f8824411158ef7 Security Headers Name Value Strict-Transport-Security max-age=89999; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=89999; includeSubDomains Cache-Control private ETag "03cd6ee3320db1:0" Accept-Ranges bytes Content-Length 1150 Date Sat, 02 Nov 2024 22:42:01 GMT Content-Type image/x-icon Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/D4YKTPGM4NAUFN3GQB5EDB/YRSQACZLQJGSLPM36JWKLB/fpconsent.js https://s.adroll.com/j/pre/index.js	0 733 B	36ms 36ms	Script application/javascript	2600:9000:2644:cc00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Protocol HTTP/1.1 Server 2600:9000:2644:cc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers Access-Control-Max-Age 600 X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Etag "d41d8cd98f00b204e9800998ecf8427e" Age 57024 Access-Control-Allow-Methods GET X-Cache Hit from cloudfront X-Amz-Cf-Id UOvH1_eEGG3NxG3EYzIS6HUWncLMIzCReCBWdIqm4YVNMyIzeVdkNw== Date Sat, 02 Nov 2024 06:51:40 GMT Content-Type application/javascript Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Access-Control-Allow-Headers * Connection keep-alive Access-Control-Allow-Credentials false Via 1.1 56a77d6c9e6b49fa4179a99507a9582e.cloudfront.net (CloudFront) Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 0 X-Amz-Cf-Pop FRA60-P6 Server AmazonS3 X-Amz-Server-Side-Encryption AES256 Redirect headers Access-Control-Max-Age 600 Location https://s.adroll.com/j/pre/index.js Connection keep-alive Access-Control-Allow-Credentials false Access-Control-Allow-Methods GET Via 1.1 56a77d6c9e6b49fa4179a99507a9582e.cloudfront.net (CloudFront) Access-Control-Allow-Origin * X-Cache Error from cloudfront Content-Length 0 X-Amz-Cf-Id 9VmDnkIIKnZRSXpheaBKt4LJu0A4nw7LY-ZQ_rmYrVYiLOZfD-ExLg== Date Sat, 02 Nov 2024 22:42:02 GMT Content-Type application/xml X-Amz-Cf-Pop FRA60-P6 Server AmazonS3 Access-Control-Allow-Headers *
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/D4YKTPGM4NAUFN3GQB5EDB/YRSQACZLQJGSLPM36JWKLB/	0 805 B	716ms 647ms	Script text/javascript	2600:9000:2644:cc00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/D4YKTPGM4NAUFN3GQB5EDB/YRSQACZLQJGSLPM36JWKLB/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2644:cc00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers Access-Control-Max-Age 600 X-Amz-Version-Id vVOVyC3kSjfWc6X4DjSVFO8cMpsZPN0M Etag "d41d8cd98f00b204e9800998ecf8427e" Access-Control-Allow-Methods GET X-Cache RefreshHit from cloudfront X-Amz-Cf-Id mocnVakoYAKt-Q-NEa_-ZjCCoyrIZdO9KzSAILF_1GcJG8PF1Y54_A== Date Sat, 02 Nov 2024 22:42:04 GMT Content-Type text/javascript; charset=utf-8 Vary Accept-Encoding Last-Modified Fri, 01 Nov 2024 11:54:45 GMT Access-Control-Allow-Headers * Cache-Control max-age=3600, must-revalidate Connection keep-alive Access-Control-Allow-Credentials false Via 1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront) Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 0 X-Amz-Cf-Pop FRA60-P6 Server AmazonS3 X-Amz-Server-Side-Encryption AES256
GET H/1.1	200 OK	active Show response ordering.ges.com/api/companies/	378 B 796 B	178ms 178ms	XHR application/json	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/api/companies/active Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/angular?v=MSt50zjjzH0xdxOCRd574Weh8HAYib-mPnwdSjBRcNM1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 2c02653d9e94c7791532c5feae4399b9a5fc9fc1bde9cc7aa9071ecae6f9abf3 Security Headers Name Value Strict-Transport-Security max-age=89999; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=89999; includeSubDomains Cache-Control no-cache X-AspNet-Version 4.0.30319 Pragma no-cache Expires -1 Content-Length 378 Date Sat, 02 Nov 2024 22:42:02 GMT Content-Type application/json; charset=utf-8 X-Powered-By ASP.NET Server Microsoft-IIS/8.5 Vary Accept-Encoding
GET H2	200	D4YKTPGM4NAUFN3GQB5EDB Show response d.adroll.com/consent/check/	521 B 614 B	154ms 49ms	Script application/javascript	2a05:d018:cc3:fe04:b4ad:2224:77e9:dee8 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/D4YKTPGM4NAUFN3GQB5EDB?flg=1&pv=4130373917.2871003&arrfrr=https%3A%2F%2Fordering.ges.com%2Flogon&_s=147b1fa2b07cd98a1124c563149053fe&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:cc3:fe04:b4ad:2224:77e9:dee8 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash ec7bd4136706cc6d8fcfdb24dee37f559245ca05ffd38dc8ad1e082d91c5f2ed Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers content-length 521 date Sat, 02 Nov 2024 22:42:03 GMT content-type application/javascript server nginx/1.22.1
GET H/1.1	200 OK	false Show response ordering.ges.com/api/shows/41f5048a-9fd3-43a9-97ba-fb2435b2df40/	55 KB 15 KB	222ms 221ms	XHR application/json	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/api/shows/41f5048a-9fd3-43a9-97ba-fb2435b2df40/false Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/angular?v=MSt50zjjzH0xdxOCRd574Weh8HAYib-mPnwdSjBRcNM1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 079887adf14ca1842e6fc6de4d98b69917cffc88d6426322153c0c1175f8213c Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://ordering.ges.com/logon Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control no-cache X-AspNet-Version 4.0.30319 Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires -1 Content-Length 14637 Date Sat, 02 Nov 2024 22:42:02 GMT Content-Type application/json; charset=utf-8 X-Powered-By ASP.NET Server Microsoft-IIS/8.5 Vary Accept-Encoding
POST H/1.1	200 OK	CompanyInfo Show response ordering.ges.com/Home/	2 KB 1 KB	179ms 178ms	XHR application/json	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Full URL https://ordering.ges.com/Home/CompanyInfo Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/angular?v=MSt50zjjzH0xdxOCRd574Weh8HAYib-mPnwdSjBRcNM1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash b8353fae9febd1dfa13bbf92717a6bf8d6f0fe50c70464fd0718edd931ffc2cc Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers Referer https://ordering.ges.com/logon User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Content-Type application/json;charset=UTF-8 Response headers Strict-Transport-Security max-age=90000; includeSubDomains Cache-Control private X-AspNet-Version 4.0.30319 Content-Encoding gzip Connection Keep-Alive Content-Length 723 Date Sat, 02 Nov 2024 22:42:02 GMT Content-Type application/json; charset=utf-8 X-Powered-By ASP.NET X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 Vary Accept-Encoding
GET H/1.1	200 OK	icon-organizer.png ordering.ges.com/GES/images/	529 B 958 B	178ms 178ms	Image image/png	170.136.108.111 SWITCH-LTD
General Check archive.org Show headers Download Go to Show image Full URL https://ordering.ges.com/GES/images/icon-organizer.png Requested by Host: ordering.ges.com URL: https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.136.108.111 , United States, ASN23005 (SWITCH-LTD, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 542393c6e786a6854403cecf458dfef113ed3747e70b51c5c65298490355b308 Security Headers Name Value Strict-Transport-Security max-age=90000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/content/css/bootstrap?v=dH_KJbicrQIPZYUqJYLQUq_ObUdSNKXP93itubG-nHs1 Response headers Strict-Transport-Security max-age=90000; includeSubDomains Vary Accept-Encoding Cache-Control private ETag "03cd6ee3320db1:0" Accept-Ranges bytes Content-Length 529 Date Sat, 02 Nov 2024 22:42:02 GMT Content-Type image/png Last-Modified Thu, 17 Oct 2024 01:28:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H2	200	Settings.jsonp Show response d.la13-core1.sfdc-yfeipo.salesforceliveagent.com/chat/rest/Visitor/	1 KB 520 B	397ms 129ms	Script text/javascript	52.70.130.240 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://d.la13-core1.sfdc-yfeipo.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?sid=9a854838-1e85-4d68-ba0a-d31b529aa4b8&Settings.prefix=Visitor&Settings.buttonIds=[573400000004CLb,57340000000Kzez,573400000004CLq,57340000000Kzf2,57340000000Kzew,573400000004CLg]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572400000004CLg&org_id=00D400000009GL4&version=40 Requested by Host: ordering.ges.com URL: https://ordering.ges.com/scripts/js?v=vHcw9CDlLN6fG5IMJ8arQ6DoJjTwDYvEks8sD5q50RI1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.70.130.240 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-130-240.compute-1.amazonaws.com Software / Resource Hash 0a7dc0502a0c7f6cf23ffa346c347b0a3064fddcd8a71bff124f4cfe15820602 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ordering.ges.com/ Response headers cache-control no-cache content-encoding gzip pragma no-cache access-control-allow-credentials true x-content-type-options nosniff expires -1 access-control-allow-origin * date Sat, 02 Nov 2024 22:42:04 GMT content-type text/javascript