www.bard.org Open in urlscan Pro
2600:9000:2127:2e00:14:8fa:2140:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bard.org/
Effective URL:
https://www.bard.org/
Submission: On December 05 via api (December 5th 2023, 11:53:55 pm UTC) from US — Scanned from DE

Summary HTTP 111 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 35 domains to perform 111 HTTP transactions. The main IP is 2600:9000:2127:2e00:14:8fa:2140:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.bard.org.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 7th 2023. Valid for: a year.

This is the only time www.bard.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.9.66.111 65.9.66.111	16509 (AMAZON-02) (AMAZON-02)
21	2600:9000:212... 2600:9000:2127:2e00:14:8fa:2140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	104.18.40.153 104.18.40.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.64.204.20 172.64.204.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.99.119 65.9.99.119	16509 (AMAZON-02) (AMAZON-02)
2 10	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5 11	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.173.224.136 54.173.224.136	14618 (AMAZON-AES) (AMAZON-AES)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.245.60.17 18.245.60.17	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.95.70 65.9.95.70	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
19 25	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:212... 2600:9000:2127:5e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:bda1:9df6:36cc:93	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.65.68.8 3.65.68.8	16509 (AMAZON-02) (AMAZON-02)
1 1	52.57.111.197 52.57.111.197	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.14 18.245.60.14	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	() ()
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1	52.54.191.112 52.54.191.112	14618 (AMAZON-AES) (AMAZON-AES)
1	2.19.217.66 2.19.217.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.255.67.121 34.255.67.121	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
111	39

1 65.9.66.111 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-111.fra56.r.cloudfront.net

www.bard.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:2127:2e00:14:8fa:2140:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.bard.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.40.153 (None, )

ASN13335 (CLOUDFLARENET, US)

static.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.204.20 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.99.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-99-119.prg50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.171.52 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.224.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-224-136.compute-1.amazonaws.com

bidagent.xad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-17.fra60.r.cloudfront.net

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-70.prg50.r.cloudfront.net

listgrowth.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 34.91.62.186 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:5e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:bda1:9df6:36cc:93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.68.8 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-68-8.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.111.197 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-111-197.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-14.fra60.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (None, ) 2 redirects

ASN- ()

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.191.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-191-112.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.217.66 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-66.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.67.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 4333 i.simpli.fi — Cisco Umbrella Rank: 3745 um.simpli.fi — Cisco Umbrella Rank: 780	12 KB
22	bard.org 1 redirects www.bard.org	2 MB
15	gstatic.com fonts.gstatic.com www.gstatic.com	724 KB
12	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693	120 KB
11	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	8 KB
7	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	5 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1544 ka-f.fontawesome.com — Cisco Umbrella Rank: 3137	176 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6765	886 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	349 KB
4	ctctcdn.com static.ctctcdn.com — Cisco Umbrella Rank: 9215 listgrowth.ctctcdn.com — Cisco Umbrella Rank: 11885	60 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	247 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	124 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	140 B
2	pro-market.net 2 redirects fei.pro-market.net	835 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 499 d.agkn.com — Cisco Umbrella Rank: 686	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	712 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1355 insight.adsrvr.org — Cisco Umbrella Rank: 557	3 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	239 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 835	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1556	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 846
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6102	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	237 B
1	calltrk.com cdn.calltrk.com — Cisco Umbrella Rank: 22234	578 B
1	xad.com bidagent.xad.com — Cisco Umbrella Rank: 18659	78 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
111	35

	Domain	Requested by
25	um.simpli.fi	19 redirects
22	www.bard.org	1 redirects www.bard.org
10	secure.adnxs.com	5 redirects www.bard.org
10	www.google.com	2 redirects www.bard.org www.gstatic.com www.google.com
9	www.gstatic.com	www.google.com www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	www.google.de	www.bard.org
5	www.googletagmanager.com	www.bard.org www.googletagmanager.com
5	ka-f.fontawesome.com	kit.fontawesome.com www.bard.org
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
3	www.facebook.com	www.bard.org
3	connect.facebook.net	www.bard.org connect.facebook.net
3	static.ctctcdn.com	www.bard.org static.ctctcdn.com
2	cm.g.doubleclick.net	2 redirects
2	loadm.exelator.com	1 redirects
2	idsync.rlcdn.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	region1.analytics.google.com	www.bard.org
2	www.googleadservices.com	1 redirects www.googletagmanager.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ib.adnxs.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	insight.adsrvr.org	js.adsrvr.org
1	i.simpli.fi	tag.simpli.fi
1	listgrowth.ctctcdn.com	www.bard.org
1	stats.g.doubleclick.net	www.bard.org
1	cdn.calltrk.com	www.googletagmanager.com
1	tag.simpli.fi	www.googletagmanager.com
1	bidagent.xad.com	www.bard.org
1	js.adsrvr.org	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.bard.org
1	fonts.googleapis.com	www.bard.org
1	kit.fontawesome.com	www.bard.org
111	46

This site contains links to these domains. Also see Links.

Domain
secure.bard.org
suu.edu
www.gsecclesfoundation.org
www.cedarcity.org
www.visitutah.com
visitcedarcity.com
instagram.com
www.youtube.com
www.facebook.com
www.constantcontact.com

Subject Issuer	Validity	Valid
www.bard.org Amazon RSA 2048 M01	`2023-03-07` - `2024-04-05`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
static.ctctcdn.com Cloudflare Inc ECC CA-3	`2023-07-04` - `2024-07-03`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-14` - `2023-12-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bidagent.xad.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
swappy.callrail.com Amazon RSA 2048 M02	`2023-07-11` - `2024-08-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
listgrowth.ctctcdn.com Amazon RSA 2048 M02	`2023-03-03` - `2024-03-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.bard.org/
Frame ID: 9DFF1EAAAAE63DB2CC0979A5894588B4
Requests: 92 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly93d3cuYmFyZC5vcmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=u8qv1alb6cjv
Frame ID: ECE290FDC275BC1923F981EB001BC2FF
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
Frame ID: F5645767367FBBA10C1050F243C21794
Requests: 11 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=hbpnt56&ref=https%3A%2F%2Fwww.bard.org%2F&upid=m0p5vpo&upv=1.1.0
Frame ID: 0E869F74EB9EDF12535930E823866A51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Utah Shakespeare Festival

Page URL History Show full URLs

http://www.bard.org/ HTTP 301
https://www.bard.org/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

111
Requests

77 %
HTTPS

39 %
IPv6

35
Domains

46
Subdomains

39
IPs

8
Countries

4072 kB
Transfer

7420 kB
Size

23
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.bard.org/Online/maintainAccount.asp?menu_id=77E87883-30DD-49E0-A827-A639DF828E6C
Title: Login

Search URL Search Domain Scan URL

URL: http://suu.edu/
Title: The Professional Theatre at Southern Utah University

Search URL Search Domain Scan URL

URL: https://www.gsecclesfoundation.org/

Search URL Search Domain Scan URL

URL: https://www.cedarcity.org/

Search URL Search Domain Scan URL

URL: https://www.visitutah.com/

Search URL Search Domain Scan URL

URL: https://visitcedarcity.com/

Search URL Search Domain Scan URL

URL: https://secure.bard.org/Online/login.asp
Title: Login

Search URL Search Domain Scan URL

URL: http://instagram.com/utahshakespeare
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.youtube.com/utahshakespeare1
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.facebook.com/utahshakespeare
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.constantcontact.com/legal/service-provider
Title: Emails are serviced by Constant Contact.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bard.org/ HTTP 301
https://www.bard.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://secure.adnxs.com/px?id=1482493&t=2&gtmcb=1222077759 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1482493%26t%3D2%26gtmcb%3D1222077759

Request Chain 42

https://secure.adnxs.com/px?id=1591536&t=1&gtmcb=1882311363 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1591536%26t%3D1%26gtmcb%3D1882311363

Request Chain 43

https://secure.adnxs.com/seg?add=26600049&t=2&gtmcb=2142520493 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26600049%26t%3D2%26gtmcb%3D2142520493

Request Chain 44

https://secure.adnxs.com/px?id=1637502&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1637502%26t%3D1

Request Chain 45

https://secure.adnxs.com/seg?add=32035161&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32035161%26t%3D1

Request Chain 54

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391083227/?random=2076420561&cv=11&fst=1701820428879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bard.org%2F&label=GDsvCIT_-ooCENvpvboB&hn=www.googleadservices.com&frm=0&tiba=Utah%20Shakespeare%20Festival&value=0&auid=892811395.1701820429&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=DLhvZd3_Oc7B9u8PoPqsgAs&sscte=1&crd=&eitems=ChEIgLG7qwYQpZafopPatriHARIdAE2buGdN4bMaJYU_qxRHaAsokcHGev2N86jV_po&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5wYWFzWUx4MllnUHljMUtxU2l5Y05NMl9GU29yaDNhZThncE81d0VsbkpDGlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMdUttUlV5RmpMV3N0cFRLUW91VzFJbTRoTmtibmNBYmdsNExEMUNpdXhoOHVudkpWTXF6UzN1IhMI3bWOkb_5ggMVzqD9Bx0gPQuw HTTP 302
https://www.google.com/pagead/1p-conversion/391083227/?random=2076420561&cv=11&fst=1701820428879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bard.org%2F&label=GDsvCIT_-ooCENvpvboB&hn=www.googleadservices.com&frm=0&tiba=Utah%20Shakespeare%20Festival&value=0&auid=892811395.1701820429&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5wYWFzWUx4MllnUHljMUtxU2l5Y05NMl9GU29yaDNhZThncE81d0VsbkpDGlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMdUttUlV5RmpMV3N0cFRLUW91VzFJbTRoTmtibmNBYmdsNExEMUNpdXhoOHVudkpWTXF6UzN1IhMI3bWOkb_5ggMVzqD9Bx0gPQuw&is_vtc=1&ocp_id=DLhvZd3_Oc7B9u8PoPqsgAs&cid=CAQSKQDICaaN9PjhxMmTQgkcjO801TDZKfrvGNPsrJ0QmpChcP4DPU8J4BH-&eitems=ChEIgLG7qwYQpZafopPatriHARIdAE2buGd-vM0WAwvGtpbUeQNkXtES49ORfeBTw_c&random=4033215208 HTTP 302
https://www.google.de/pagead/1p-conversion/391083227/?random=2076420561&cv=11&fst=1701820428879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bard.org%2F&label=GDsvCIT_-ooCENvpvboB&hn=www.googleadservices.com&frm=0&tiba=Utah%20Shakespeare%20Festival&value=0&auid=892811395.1701820429&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5wYWFzWUx4MllnUHljMUtxU2l5Y05NMl9GU29yaDNhZThncE81d0VsbkpDGlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMdUttUlV5RmpMV3N0cFRLUW91VzFJbTRoTmtibmNBYmdsNExEMUNpdXhoOHVudkpWTXF6UzN1IhMI3bWOkb_5ggMVzqD9Bx0gPQuw&is_vtc=1&ocp_id=DLhvZd3_Oc7B9u8PoPqsgAs&cid=CAQSKQDICaaN9PjhxMmTQgkcjO801TDZKfrvGNPsrJ0QmpChcP4DPU8J4BH-&eitems=ChEIgLG7qwYQpZafopPatriHARIdAE2buGd-vM0WAwvGtpbUeQNkXtES49ORfeBTw_c&random=4033215208&ipr=y

Request Chain 79

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=BFA3F62C55784D2182047C15E7352BCF

Request Chain 80

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/BFA3F62C55784D2182047C15E7352BCF HTTP 302
https://sync.1rx.io/usersync/simplifi/BFA3F62C55784D2182047C15E7352BCF?zcc=1&cb=1701820430237 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6ee1ddcf-aad0-4d78-8510-a3b309b76d65-003

Request Chain 81

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=BFA3F62C55784D2182047C15E7352BCF&dongle=yf3

Request Chain 82

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=BFA3F62C55784D2182047C15E7352BCF

Request Chain 83

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=BFA3F62C55784D2182047C15E7352BCF HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=BFA3F62C55784D2182047C15E7352BCF

Request Chain 84

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=BFA3F62C55784D2182047C15E7352BCF HTTP 302
https://d.agkn.com/pixel/10751/?che=1701820430281&ip=37.58.58.246&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216603104721005587130 HTTP 302
https://um.simpli.fi/aa_px?sk=216603104721005587130 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 85

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=BFA3F62C55784D2182047C15E7352BCF

Request Chain 88

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=BFA3F62C55784D2182047C15E7352BCF;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=BFA3F62C55784D2182047C15E7352BCF;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=8994978220125407764

Request Chain 89

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=BFA3F62C55784D2182047C15E7352BCF&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=BFA3F62C55784D2182047C15E7352BCF&j=0&xl8blockcheck=1

Request Chain 91

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=BFA3F62C55784D2182047C15E7352BCF

Request Chain 92

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=BFA3F62C55784D2182047C15E7352BCF

Request Chain 93

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BFA3F62C55784D2182047C15E7352BCF

Request Chain 94

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=BFA3F62C55784D2182047C15E7352BCF

Request Chain 95

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=BFA3F62C55784D2182047C15E7352BCF

Request Chain 96

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1701820430115&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1852471722&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=DrhvZaHjCJyZ9u8PsaGyoAw&sscte=1&crd=&pscrd=IhMIoaLXkb_5ggMVnIz9Bx2xkAzE HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1852471722&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIoaLXkb_5ggMVnIz9Bx2xkAzE&is_vtc=1&ocp_id=DrhvZaHjCJyZ9u8PsaGyoAw&cid=CAQSKQDICaaNGIHzU4-JDZeVcrLuSDDN8bRqa0aARIEEmz_FOgfsfiE6mIr7&random=4104234657 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1852471722&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIoaLXkb_5ggMVnIz9Bx2xkAzE&is_vtc=1&ocp_id=DrhvZaHjCJyZ9u8PsaGyoAw&cid=CAQSKQDICaaNGIHzU4-JDZeVcrLuSDDN8bRqa0aARIEEmz_FOgfsfiE6mIr7&random=4104234657&ipr=y

Request Chain 98

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=BFA3F62C55784D2182047C15E7352BCF

Request Chain 99

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BFA3F62C55784D2182047C15E7352BCF&expires=365

Request Chain 100

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=BFA3F62C55784D2182047C15E7352BCF

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEAq2HWpC5eQze8HeoIrM_8k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BFA3F62C55784D2182047C15E7352BCF HTTP 302
https://um.simpli.fi/g_match?id=

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bard.org/
Redirect Chain

http://www.bard.org/
https://www.bard.org/

89 KB
7 KB

108ms
60ms

Document
text/html

2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4020e309beb0ac946fac067f9c7210ddbc45f190da44961943d5e545996fcba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1150
content-encoding: br
content-type: text/html
date: Tue, 05 Dec 2023 23:34:39 GMT
etag: W/"10b991c3ad68f4e27cb723b7cdbf69ce"
last-modified: Tue, 05 Dec 2023 23:22:43 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-amz-cf-id: U53wVbcyk4XRDFCq6zY0NhIPPKIL7wnkMUgYj_U7kg5slti_XWGAmg==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Tue, 05 Dec 2023 23:53:47 GMT
Location: https://www.bard.org/
Server: CloudFront
Via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: W6GyDEikTO0EV4UA-IkNjKpdCChj7cEtS3AKyRrG1n0Sgqvl1W4zNQ==
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Redirect from cloudfront

GET
H2 200 bundle.min.6110639d11973a631f72c20b12e682278d1ba5840067bc75f5e81596165fd258.css
www.bard.org/css/ 152 KB
23 KB 65ms
64ms Stylesheet
text/css 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bard.org/css/bundle.min.6110639d11973a631f72c20b12e682278d1ba5840067bc75f5e81596165fd258.css
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6110639d11973a631f72c20b12e682278d1ba5840067bc75f5e81596165fd258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:24:24 GMT
content-encoding: br
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:22:36 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 1765
etag: W/"b937b8207108c74863584dfcbaff1a57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: B9rDC6J2zqoQz1G4tVUWspamoO2xJ97_5d64NHdLFx91kv36hBROSg==

GET
H2 200 3369da6bcc.js Show response
kit.fontawesome.com/ 12 KB
5 KB 145ms
126ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/3369da6bcc.js
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f2c5e5114c0d1904591ea2f8ca262c72005c16ea15a097d9e11c54978949a83

Request headers

Referer: https://www.bard.org/
Origin: https://www.bard.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 831035eb6b236939-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F54Q6dxGFgpawUQI7kej

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 59ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;500;900&display=swap

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2650b061141cb8936446b656e4e5eaad6dc647af4a2381cd5b01fc83a8d36f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 23:53:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 23:53:48 GMT

GET
H2 200 usf.svg
www.bard.org/images/ 7 KB
3 KB 52ms
52ms Image
image/svg+xml 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/images/usf.svg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eba285117d0429be310d08e19706f3e708c4d4f7bc61703c2199c39949340cc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:36:35 GMT
content-encoding: br
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 06:11:48 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 1034
etag: W/"5e64e233c40c0c290d63b5d68a93c469"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: oFMUQYPtwYMNXun3Bj23uL3De8iVd2hhnspjipuSfz2Uale1aRhbcA==

GET
H2 200 home-believe_huaa85ca220b6341ee1af1224d13a7f882_1246738_1600x0_resize_q90_h2_box_3.webp
www.bard.org/images/homepage/ 150 KB
151 KB 739ms
738ms Image
binary/octet-stream 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/images/homepage/home-believe_huaa85ca220b6341ee1af1224d13a7f882_1246738_1600x0_resize_q90_h2_box_3.webp
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1beb86fe3df6a2c2048e67d09b06b65f466d3a00b4a9b5bf453b15806bb42e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:49 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:22:43 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "245dfa958b7bfb0ef169bb01832f0dd6"
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-length: 153928
x-amz-cf-id: 5rnRJgCdFVmiZUkt1KRDWpBVxSvX7pt_v7zUWfgJEV2Xj2T9Tdh2dg==

GET
H2 200 2023-annual-fundraiser_hu0db6f2ede0721115c4ebafa6fd02203b_1437251_800x0_resize_q70_h2_box_3.webp
www.bard.org/featured/believe-annual-fundraiser/images/ 62 KB
62 KB 75ms
74ms Image
binary/octet-stream 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/featured/believe-annual-fundraiser/images/2023-annual-fundraiser_hu0db6f2ede0721115c4ebafa6fd02203b_1437251_800x0_resize_q70_h2_box_3.webp
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b1f0ce0de00a8ed5b9db2f29605c575f95099fd6341be5948665972aa5611c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:22:42 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "6e6ed6d9e966e7713594e18d1d394f30"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
content-length: 63434
x-amz-cf-id: DtggzvrGMbG9gemhiVXVsqaRtOgf2MFhO1m9h2dmyG9i3xCAv9ArPQ==

GET
H2 200 2023_ad_playbill_2024season.pdf-440-%C3%97-440-px-1-_hu3fea455ab18607cca55126cb567ea2e2_329236_800x0_resize_q70_h2_box_3.webp
www.bard.org/featured/buy-2024-season-tickets/images/ 68 KB
68 KB 491ms
488ms Image
binary/octet-stream 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/featured/buy-2024-season-tickets/images/2023_ad_playbill_2024season.pdf-440-%C3%97-440-px-1-_hu3fea455ab18607cca55126cb567ea2e2_329236_800x0_resize_q70_h2_box_3.webp
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adbd41f2d4de35907a4061decd54dbdc912c02dc90d0f43cda66d0f239929aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:22:42 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "70fc1811551937014154f9fa0d98abe0"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
content-length: 69282
x-amz-cf-id: O57kzdXVrXcJAfSFa7j6RsF8IOdIe_7f-DT6sjMQGSjOI-fx6fnaKA==

GET
H2 200 casting-call-1-_hu333b1cee0dca74dc79b0eb0dda05d103_1714943_800x0_resize_q70_h2_box_3.webp
www.bard.org/featured/2024-audition-information/images/ 80 KB
81 KB 515ms
512ms Image
binary/octet-stream 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/featured/2024-audition-information/images/casting-call-1-_hu333b1cee0dca74dc79b0eb0dda05d103_1714943_800x0_resize_q70_h2_box_3.webp
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7525beeaa4cfb2731bd3f3355d7170cf14431fb886574f2e7f5bcfb9c602bae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:22:42 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "71d1622c59cd9806c5add57b7c965fc3"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
content-length: 82346
x-amz-cf-id: GZN1TVtsvIb7ZdlQT0rkjKhUXb__z8ADFreBSXBjIi3rGDOoxeTmlQ==

GET
H2 200 MASTER-ECCLES-LOGO.jpg
www.bard.org/images/ 32 KB
32 KB 531ms
528ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/images/MASTER-ECCLES-LOGO.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b49e28310b0675b74c12d744d92fd41a075efd42125a04f67fca4e836c1b95f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 06:11:42 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "927a0c0fe75ffdf39059fa72955e5f4c"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 32325
x-amz-cf-id: ZSklqI80S70gggA8VDTI2w5pLsNcGwJp52X76woyzKCCjJU3pyyQVw==

GET
H2 200 2024Plays_Web_Henry8_huebbfad1edfa8e198fe68a27ac6a615ca_182063_500x0_resize_q50_box.jpg
www.bard.org/plays/henry-viii/images/ 15 KB
15 KB 586ms
584ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/plays/henry-viii/images/2024Plays_Web_Henry8_huebbfad1edfa8e198fe68a27ac6a615ca_182063_500x0_resize_q50_box.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48a096bc26f116825ab36a5d600e611d115b8813fec614f6d193f3dea1cd38b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:23:30 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "8384c6dd647a1db720e98ed37461b71f"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 15139
x-amz-cf-id: 1gDoaCmBmZ67140W_ju6kG4fqaNmMExCmY-66iIu4IEPBhil_FJ8zA==

GET
H2 200 24Plays_Web_Winters_huebbfad1edfa8e198fe68a27ac6a615ca_226704_500x0_resize_q50_box.jpg
www.bard.org/plays/the-winters-tale/images/ 18 KB
19 KB 575ms
572ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/plays/the-winters-tale/images/24Plays_Web_Winters_huebbfad1edfa8e198fe68a27ac6a615ca_226704_500x0_resize_q50_box.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6494c5e5a07df15d8d97c1456e950ac0e7cd235e47f0550a011ccf63a91f6137

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:23:33 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "1a75ff64c323e1a1bc7fcc816243212d"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 18787
x-amz-cf-id: DhWPmOIoTBaaUU3cDzUlzUF2M99n0N9FDYTorKlMAgilHbIlt-GAvw==

GET
H2 200 24Plays_Web_TamingShrew_huebbfad1edfa8e198fe68a27ac6a615ca_222864_500x0_resize_q50_box.jpg
www.bard.org/plays/the-taming-of-the-shrew/images/ 19 KB
19 KB 583ms
581ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/plays/the-taming-of-the-shrew/images/24Plays_Web_TamingShrew_huebbfad1edfa8e198fe68a27ac6a615ca_222864_500x0_resize_q50_box.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc37dbf187bad6cbd2e9bb7e8d1af46cf52ba21a65021660eac09b3f9eed4ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:23:33 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "28cce886d4ae9baabde239b621878f57"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 19629
x-amz-cf-id: z7Ui-52BBIlEG2iDxFPoT0TIr5qrR0iecMFoVKwaFS61ZOAq203f4w==

GET
H2 200 24Plays_Web_MuchAdo_huebbfad1edfa8e198fe68a27ac6a615ca_273211_500x0_resize_q50_box.jpg
www.bard.org/plays/much-ado-about-nothing/images/ 20 KB
20 KB 587ms
585ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/plays/much-ado-about-nothing/images/24Plays_Web_MuchAdo_huebbfad1edfa8e198fe68a27ac6a615ca_273211_500x0_resize_q50_box.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 596c70fba74fcacfdce7e6c937f1d5da2502bd98cb90c42c616d8d836a8bbe7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:23:30 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "77445d8102b8c24451bc809f2dd83430"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 20240
x-amz-cf-id: 5-IS49dyaceHR6PVtS_eBqRsodVZ2uhElWd-Qxp7gionT8svUfTdsA==

GET
H2 200 24Plays_Web_39Steps_huebbfad1edfa8e198fe68a27ac6a615ca_318133_500x0_resize_q50_box.jpg
www.bard.org/plays/the-39-steps/images/ 13 KB
13 KB 574ms
572ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/plays/the-39-steps/images/24Plays_Web_39Steps_huebbfad1edfa8e198fe68a27ac6a615ca_318133_500x0_resize_q50_box.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97ea83101e7357ac5e3babceae1b9fd8f20fe693305c05723f99e1779130afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:23:32 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "7dc279a38034ec60e02ccad37f6e2699"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 13048
x-amz-cf-id: J5Urlcz7gbaBC_tJY9FPb3vFuJImo9q2FcjYXFvAcD3lALJi60BU8A==

GET
H2 200 24Plays_Web_SilentSky_huebbfad1edfa8e198fe68a27ac6a615ca_173939_500x0_resize_q50_box.jpg
www.bard.org/plays/silent-sky/images/ 13 KB
13 KB 575ms
574ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/plays/silent-sky/images/24Plays_Web_SilentSky_huebbfad1edfa8e198fe68a27ac6a615ca_173939_500x0_resize_q50_box.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ebffa57f55c0e0b070b2378c78fee79b3f9041479cf00dc3b42315dd2e344aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:23:31 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 711
etag: "e45cf4dd85fe78c4b4139f2a3dad5b05"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 12871
x-amz-cf-id: IdDWPn4jQ9RDV5tsBkgC0LgcRwCY1dBBoX1R3dCaUJd6kifIw3m5zA==

GET
H2 200 24Plays_Web_MTNTop_huebbfad1edfa8e198fe68a27ac6a615ca_205294_500x0_resize_q50_box.jpg
www.bard.org/plays/the-mountaintop/images/ 15 KB
15 KB 616ms
615ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/plays/the-mountaintop/images/24Plays_Web_MTNTop_huebbfad1edfa8e198fe68a27ac6a615ca_205294_500x0_resize_q50_box.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d4e7de637501c204e82b60b15bed1da3e62f7d42ad9d10fa1eb8284d7a2ed04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:58 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:23:32 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 710
etag: "b42ead3a33ba913e22c54b1382af3479"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 14992
x-amz-cf-id: NrfvnZ7lZdjyFnO0FZCAsrjKNLIWVuytvKaD_t97Ahuaol4JsxkFxA==

GET
H2 200 raplogoclr.jpg
www.bard.org/images/sponsors/ 70 KB
70 KB 630ms
629ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/images/sponsors/raplogoclr.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7a95a7b4bc0965bf88bc261c410a0662309fce42271dc793bd1b9abb6767a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:59 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 06:11:48 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 710
etag: "9de3056b160abc095923d2349a807731"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 71705
x-amz-cf-id: W57DTVdSqT2TSx5BTlP-2Suqw97jSqmDX3CxIg6WmsIhzq0PWgxMWw==

GET
H2 200 UTAHlifeelevated.jpg
www.bard.org/images/sponsors/ 20 KB
20 KB 615ms
613ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/images/sponsors/UTAHlifeelevated.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 940977c9fd6682a5dd01d5ee01c4f66790acf8d2963bd3a80a2fdde9c6dbff3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:59 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 06:11:48 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 710
etag: "7cd328aff3da545d6ef50c94bc8a5045"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 20187
x-amz-cf-id: VT-hcr4_h5UAV5dXD8eSeNOO7wqN4zz6BHMrNjRF3X0VyCQER5M4pg==

GET
H2 200 Visit-Cedar-City-Logo_3-color.jpg
www.bard.org/images/sponsors/ 13 KB
13 KB 614ms
612ms Image
image/jpeg 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/images/sponsors/Visit-Cedar-City-Logo_3-color.jpg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78ff6aca271cbfa200917f27bdb1763923e852271fb4ee4994f1a45ccb74140b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:41:59 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 06:11:48 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 710
etag: "0b4a3861e54f8b2f0971d6904808bc71"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 13394
x-amz-cf-id: Kd1OCwUrEIzfs-ymzXqJgEAxWAsI97OukvA6anlKMFIbyX3D3n8ebw==

GET
H2 200 bundle.min.f96e927aaf794bd419699518344cf7640c5aadad52b4c972b11ee0dc59c7733e.js Show response
www.bard.org/js/ 182 KB
54 KB 546ms
543ms Script
application/javascript 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bard.org/js/bundle.min.f96e927aaf794bd419699518344cf7640c5aadad52b4c972b11ee0dc59c7733e.js
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f96e927aaf794bd419699518344cf7640c5aadad52b4c972b11ee0dc59c7733e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:24:24 GMT
content-encoding: br
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:22:43 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 1765
etag: W/"438c6bf1f6cbad2beea370b252f1eb35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: aCM_Q0rNUlsCBtNIwOyNpbi30fC6ADQy32FFvjiABThlVw581v97oA==

GET
H2 200 signup-form-widget.min.js Show response
static.ctctcdn.com/js/signup-form-widget/current/ 972 KB
53 KB 530ms
24ms Script
application/javascript 104.18.40.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc75487ea5ae5e6cab27c457ee4bcb5a39ac8938159e46283ca447c516aa9782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 15:34:18 GMT
server: cloudflare
age: 652
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 831035ef6fde9b34-FRA
content-length: 54153
expires: Wed, 04 Dec 2024 23:42:56 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 546ms
36ms Fetch
text/css 172.64.204.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=3369da6bcc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3369da6bcc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.204.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 571688
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6%2Fb1Dl4ljmYpAkWXj7Y82C5ysD%2BJK%2BdEF%2BxeRczOtyF1MNPreiNSH9gsmnNbGrqUDETLPr66qbAJmB0%2FbEZui2pIsZp8t2DCFRgmtMzJHwMu5HZztvCZz%2BwAcAGDnNpn4nDES7okA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 831035ef6bdc18d4-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: jO9ucBdHgJywt5N9L47IyBOv6KfjuWRFlu6W5CVYRKvan_OKOic3WQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 535ms
26ms Fetch
text/css 172.64.204.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=3369da6bcc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3369da6bcc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.204.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 488439
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPTJ2PX5butChCzE1RukJ%2FRbc1MlNDanq%2F3E61z7NogjCFh1DdipGMeQ4kgvIHK%2BBx3TOBPjY9fkAflDNhpumYcCJ%2BzjEp8HJSKIUeIQBRzaF8zJ4KhUjNWRwLMy0iDVE3bEd6wpkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 831035ef6bd818d4-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: L1qn2TKIuCyIQyHdAUddWA4N9M-qu1gmNlPk_-Eq81woW7pPyBq2mQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 537ms
28ms Fetch
text/css 172.64.204.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=3369da6bcc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3369da6bcc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.204.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2058975
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=im%2B%2FAN3PuF5HpJoShr5FQJsRSYh%2F1ioiT5trM87bmnRHj7wVxj3appTZeDj5Id7QC2k6g2VCCX3yRYVfbj4pvpK5vv3%2FiqXXazhoTc82wlE6NTiwB%2FVQAxX78vlHIbhVuLKtQBcCAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 831035ef6bdb18d4-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: s8fHpvwa3_g8DuY-AcJmfV43-AhXXQbmj8uAIV-POv9PqK0elTPcLA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 334 KB
100 KB 612ms
103ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTHHZF

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b54c2847fb340ba5309ea4cfacca8a36926f6d97f0d3db5cde2325aefa016e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102022
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 23:53:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
44 KB 543ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PW48HJP

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26477079ad2b5cebed544505bd0bd132381afcade0673461d121b9b3e70bbfbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44456
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 23:53:48 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 531ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;500;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bard.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:18:49 GMT
x-content-type-options: nosniff
age: 318899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:18:49 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 31ms
30ms Font
font/woff2 172.64.204.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.204.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://www.bard.org/
Origin: https://www.bard.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 503968
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TctqI1RB8YJn%2FJnTgUsTMPBPuORteQDmH7j9ligVf10Z0hYJUaUtWE40W8116E4hJwc32SgUgvMCoh7i1Z8KwK0V1yOR%2BGgLgnZpH5BQcb6H0L78hbZDA3wnrF2q%2Fu6b7%2BLNYQx3Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 831035f00c2d18d4-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ybIh55x5h2oeP0JH_W70tJ_oDUmJ2bF3M1DEPeqeIOv28RctzZZoIA==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 44ms
44ms Font
font/woff2 172.64.204.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.204.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://www.bard.org/
Origin: https://www.bard.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 1978475
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu%2Fn%2BxenC6068rutY8e%2FpQHhVxnK2rnbQV9Bdmw11EX%2FgxrCZqZkMWRpQm71zlr%2Brs782h3rHJvHMhMmcrB4okeKMID9j7O0YHznTFJ8QFjag0sCCbebmyR0jPzxYkjwMOX%2BtMe6Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 831035f00c2f18d4-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Pyq4WkFzSDsKVYKe1JQKMST7uwbNGMBVe8ekDiiQPaLYZ1nwzDD4ZA==

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 71ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js

Requested by

Host: www.bard.org
URL: https://www.bard.org/js/bundle.min.f96e927aaf794bd419699518344cf7640c5aadad52b4c972b11ee0dc59c7733e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 655972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5303
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-4041"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W448a6k7XeBOMHFEOPBl%2BInXwXzgesPF7d%2FjKa6XwtsiEkuu2igfjfDWHkZoRUxh5r8K%2FVij6fvKz4o5vF%2FzzLID9JhfWTZWhJW0SdEkPF8FZwk8pcbHFeGvv8yfz2q4GDkB%2FB9X0xKn9PQ0iAOXUiEg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831035f06a3939be-FRA
expires: Sun, 24 Nov 2024 23:53:48 GMT

GET
H2 200 home1_huebbfad1edfa8e198fe68a27ac6a615ca_2283844_3200x0_resize_q60_h2_box.webp
www.bard.org/images/homepage/ 593 KB
594 KB 317ms
317ms Image
binary/octet-stream 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/images/homepage/home1_huebbfad1edfa8e198fe68a27ac6a615ca_2283844_3200x0_resize_q60_h2_box.webp
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 019f8dd1dc92ab025e38bfbc96a13bc382f4314a95a86274cb650bab72c05830

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:49 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:22:43 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "02bc917ccd234c539296e44f07c6e0b1"
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-length: 607038
x-amz-cf-id: CFTJ-F9NGNSHMz1BqVA0TifDWWQZulaYNyp9YVohH4akW1JJPiQ1_Q==

GET
H2 200 greenshow-1_huebbfad1edfa8e198fe68a27ac6a615ca_3575873_3200x0_resize_q60_h2_box.webp
www.bard.org/images/homepage/ 1 MB
1 MB 288ms
288ms Image
binary/octet-stream 2600:9000:2127:2e00:14:8fa:2140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bard.org/images/homepage/greenshow-1_huebbfad1edfa8e198fe68a27ac6a615ca_3575873_3200x0_resize_q60_h2_box.webp
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:14:8fa:2140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f6e6dcb856d4bb787bebad7263c1ffe3a196e29c6fe25d52cd60c819677377e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:49 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 23:22:43 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: "4106d2287ee517ce996309d4d40334d9"
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-length: 1223622
x-amz-cf-id: QBDbPSymjRgzB-pNAqOtfKo425Gr_r2ADddGp9DoHDK1YLsQUVGWbw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391083227/ 3 KB
2 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391083227/?random=1701820428876&cv=11&fst=1701820428876&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bard.org%2F&hn=www.googleadservices.com&frm=0&tiba=Utah%20Shakespeare%20Festival&auid=892811395.1701820429&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTHHZF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20a6eccca5cebe75a9abc3493a3b8dc2dfb3400c99072aebe5ae39a742ceac60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/391083227/ 3 KB
2 KB 84ms
29ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/391083227/?random=1701820428879&cv=11&fst=1701820428879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bard.org%2F&label=GDsvCIT_-ooCENvpvboB&hn=www.googleadservices.com&frm=0&tiba=Utah%20Shakespeare%20Festival&value=0&bttype=purchase&auid=892811395.1701820429&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTHHZF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

0699e99712c4f32279d8c4a63982611703fdab65156195523fc3e213c2616766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1627
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 37ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 23:53:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ayUtI6+5CiyytHiXf7OfqD7dOJLLimtOyFiV/qY+T5cqY52XAY8J7JsxrM4d5gWM/cmqLtQZb86bk+C8RU2XyQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
61 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55R4F87

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a51ecf40f77aa6f9ac92e683703ed49d80ddc3a6ffb3d43b74cbc295e613c819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62346
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 23:53:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
45 KB 45ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJPKZNR

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd31c3c316d63a8bf74362bc8aa96d43dec8be99f090e79fc7bbc7c7339bd0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45805
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 23:53:48 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 85ms
23ms Script
application/x-javascript 65.9.99.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTHHZF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-99-119.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 03:37:38 GMT
Content-Encoding: gzip
Via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PRG50-C1
Age: 72971
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: XPK1dDHvTo2o29NR4KoZ9ddR_f8FwEgOaEN52Pz7fsqYNqDA_SloNg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
99 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z1MJJ93WT3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTHHZF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2287649032b8c615154642e55a5345f694576c899fedb14bcec15a7bc5dfa7dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101491
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 23:53:48 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Requested by

Host: www.bard.org
URL: https://www.bard.org/js/bundle.min.f96e927aaf794bd419699518344cf7640c5aadad52b4c972b11ee0dc59c7733e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

647f4c1b10452c889e38fd0e9d386d7c7a37169cd53b09048e5d7a205a4422ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 23:53:48 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1482493&t=2&gtmcb=1222077759
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1482493%26t%3D2%26gtmcb%3D1222077759

43 B
842 B

9ms
9ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1482493%26t%3D2%26gtmcb%3D1222077759

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
an-x-request-uuid: 6cf1ab02-9ea7-46b1-b97e-893c1612cf1d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:48 GMT
an-x-request-uuid: 7dd97426-1d8c-46c0-86a5-766ee78fa3ba
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1482493%26t%3D2%26gtmcb%3D1222077759
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 400
Bad Request 209269
bidagent.xad.com/conv/ 78 B
78 B 428ms
100ms Image
text/plain 54.173.224.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidagent.xad.com/conv/209269?ts=%pord=!?gtmcb=1493241733
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.224.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-224-136.compute-1.amazonaws.com
Software: /
Resource Hash: c423fa77c2e553343b1316a22b0107207106c9816130185c41410191685750b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 23:53:49 GMT
Connection: keep-alive
Content-Length: 78
Content-Type: text/plain; charset=UTF-8

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1591536&t=1&gtmcb=1882311363
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1591536%26t%3D1%26gtmcb%3D1882311363

0
809 B

10ms
9ms

Image
application/javascript

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1591536%26t%3D1%26gtmcb%3D1882311363

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
an-x-request-uuid: 969fb3b8-2b40-4b64-8aaf-d8bbf51e0df4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:48 GMT
an-x-request-uuid: 480c8c4f-7410-4cf8-98b8-2aede05c5be5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1591536%26t%3D1%26gtmcb%3D1882311363
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=26600049&t=2&gtmcb=2142520493
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26600049%26t%3D2%26gtmcb%3D2142520493

43 B
841 B

8ms
8ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26600049%26t%3D2%26gtmcb%3D2142520493

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
an-x-request-uuid: e121a459-7131-4071-a5ea-4b072070e25f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:48 GMT
an-x-request-uuid: 9060067a-2a75-4341-a516-4119bf46540d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26600049%26t%3D2%26gtmcb%3D2142520493
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1637502&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1637502%26t%3D1

0
808 B

9ms
8ms

Script
application/javascript

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1637502%26t%3D1

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
an-x-request-uuid: 4984f467-82e3-4284-b031-f73e42eb47ee
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
an-x-request-uuid: 2cbed89f-6204-44a6-93e0-a1eda842b5cd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1637502%26t%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=32035161&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32035161%26t%3D1

0
808 B

10ms
10ms

Script
application/javascript

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32035161%26t%3D1

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
an-x-request-uuid: dc3db959-0464-4e37-8200-a3cbe18eaaba
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:48 GMT
an-x-request-uuid: 33940a2f-b252-4479-a41e-7fec3c87c360
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32035161%26t%3D1
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 a1eda689-38da-4709-a285-dae77e709c7b Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 79ms
22ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/a1eda689-38da-4709-a285-dae77e709c7b
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJPKZNR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 915313f442a6311b783f94c9d963ccab168fa17fcc70ca8d53e9bbc50cdb9f42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F54UqeAE0KlT8iBWjR7B
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/749239500/6c6a23de1978389ff807/12/ 32 B
578 B 185ms
120ms Script
text/javascript 18.245.60.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.calltrk.com/companies/749239500/6c6a23de1978389ff807/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJPKZNR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-17.fra60.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:49 GMT
via: 1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-length: 32
x-xss-protection: 1; mode=block
x-request-id: 70515829-b0ad-4351-abd5-7ebd58eed6af
x-runtime: 0.006135
referrer-policy: strict-origin-when-cross-origin
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: qVFOL7z2yTaLA-yQ98REbIQ98B7nh4SODzkSwREMOO9n-KlUSA3kfA==

GET
H2 200 480268416648934 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 192ms
192ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/480268416648934?v=2.9.138&r=stable&domain=www.bard.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a502b538ba747d76e9078ad221b2281401552c90eec9e7d0be91cf53574d5ee

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 23:53:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: t48s7ZJhOvsoF5e6zprWu2TD5ySYcDgaXm2L+aX+UUCm67pGboVcWMKbuHGGgu8RU6tjyNYHZhZgkRDPAGX5ZA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 59ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Z1MJJ93WT3&gtm=45je3bt0v877995205z872250951&_p=1701820428193&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=723596071.1701820429&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fbard.org%2F&dt=Utah%20Shakespeare%20Festival&sid=1701820428&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_section=Homepage&ep.page_type=Homepage&ep.site_property=Main%20Site&tfd=2174
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bard.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 72ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Z1MJJ93WT3&cid=723596071.1701820429&gtm=45je3bt0v877995205z872250951&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bard.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/382019178/ 3 KB
2 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/382019178/?random=1701820428985&cv=11&fst=1701820428985&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v877995205z872250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbard.org%2F&top=https%3A%2F%2Fwww.bard.org%2F&tiba=Utah%20Shakespeare%20Festival&hn=www.googleadservices.com&frm=0&auid=892811395.1701820429&uamb=0&uaw=0&data=event%3Dgtag.config%3Bsite_section%3DHomepage%3Bpage_type%3DHomepage%3Bsite_property%3DMain%20Site&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z1MJJ93WT3&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e03d37ba541223a86fb5fe7f8a19e97225549c2d25e1baa74b988891db42b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 79ms
26ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Z1MJJ93WT3&cid=723596071.1701820429&gtm=45je3bt0v877995205z872250951&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=976149715

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 69ms
16ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bard.org/
Origin: https://www.bard.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 13:19:11 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/391083227/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391083227/?random=2076420561&cv=11&fst=1701820428879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&d...
https://www.google.com/pagead/1p-conversion/391083227/?random=2076420561&cv=11&fst=1701820428879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
https://www.google.de/pagead/1p-conversion/391083227/?random=2076420561&cv=11&fst=1701820428879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...

42 B
108 B

28ms
28ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/391083227/?random=2076420561&cv=11&fst=1701820428879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bard.org%2F&label=GDsvCIT_-ooCENvpvboB&hn=www.googleadservices.com&frm=0&tiba=Utah%20Shakespeare%20Festival&value=0&auid=892811395.1701820429&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5wYWFzWUx4MllnUHljMUtxU2l5Y05NMl9GU29yaDNhZThncE81d0VsbkpDGlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMdUttUlV5RmpMV3N0cFRLUW91VzFJbTRoTmtibmNBYmdsNExEMUNpdXhoOHVudkpWTXF6UzN1IhMI3bWOkb_5ggMVzqD9Bx0gPQuw&is_vtc=1&ocp_id=DLhvZd3_Oc7B9u8PoPqsgAs&cid=CAQSKQDICaaN9PjhxMmTQgkcjO801TDZKfrvGNPsrJ0QmpChcP4DPU8J4BH-&eitems=ChEIgLG7qwYQpZafopPatriHARIdAE2buGd-vM0WAwvGtpbUeQNkXtES49ORfeBTw_c&random=4033215208&ipr=y

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/391083227/?random=2076420561&cv=11&fst=1701820428879&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bard.org%2F&label=GDsvCIT_-ooCENvpvboB&hn=www.googleadservices.com&frm=0&tiba=Utah%20Shakespeare%20Festival&value=0&auid=892811395.1701820429&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5wYWFzWUx4MllnUHljMUtxU2l5Y05NMl9GU29yaDNhZThncE81d0VsbkpDGlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMdUttUlV5RmpMV3N0cFRLUW91VzFJbTRoTmtibmNBYmdsNExEMUNpdXhoOHVudkpWTXF6UzN1IhMI3bWOkb_5ggMVzqD9Bx0gPQuw&is_vtc=1&ocp_id=DLhvZd3_Oc7B9u8PoPqsgAs&cid=CAQSKQDICaaN9PjhxMmTQgkcjO801TDZKfrvGNPsrJ0QmpChcP4DPU8J4BH-&eitems=ChEIgLG7qwYQpZafopPatriHARIdAE2buGd-vM0WAwvGtpbUeQNkXtES49ORfeBTw_c&random=4033215208&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/391083227/ 42 B
327 B 25ms
24ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391083227/?random=1701820428876&cv=11&fst=1701817200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bard.org%2F&frm=0&tiba=Utah%20Shakespeare%20Festival&fmt=3&is_vtc=1&cid=CAQSGwDICaaNEWsg6bzA5VvWLu6aGw80eX4nZom6zQ&random=3258346489&rmt_tld=0&ipr=y

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/391083227/ 42 B
108 B 81ms
28ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/391083227/?random=1701820428876&cv=11&fst=1701817200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v72250951&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bard.org%2F&frm=0&tiba=Utah%20Shakespeare%20Festival&fmt=3&is_vtc=1&cid=CAQSGwDICaaNEWsg6bzA5VvWLu6aGw80eX4nZom6zQ&random=3258346489&rmt_tld=1&ipr=y

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/382019178/ 42 B
108 B 29ms
28ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/382019178/?random=1701820428985&cv=11&fst=1701817200000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v877995205z872250951&u_w=1600&u_h=1200&url=https%3A%2F%2Fbard.org%2F&tiba=Utah%20Shakespeare%20Festival&frm=0&data=event%3Dgtag.config%3Bsite_section%3DHomepage%3Bpage_type%3DHomepage%3Bsite_property%3DMain%20Site&fmt=3&is_vtc=1&cid=CAQSKQDICaaNgd4w0KJcfUghVF_PD9Al-UKVVaeoHYXO1x4w43BaXXJRrff2&random=4249049583&rmt_tld=0&ipr=y

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/382019178/ 42 B
154 B 78ms
28ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/382019178/?random=1701820428985&cv=11&fst=1701817200000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v877995205z872250951&u_w=1600&u_h=1200&url=https%3A%2F%2Fbard.org%2F&tiba=Utah%20Shakespeare%20Festival&frm=0&data=event%3Dgtag.config%3Bsite_section%3DHomepage%3Bpage_type%3DHomepage%3Bsite_property%3DMain%20Site&fmt=3&is_vtc=1&cid=CAQSKQDICaaNgd4w0KJcfUghVF_PD9Al-UKVVaeoHYXO1x4w43BaXXJRrff2&random=4249049583&rmt_tld=1&ipr=y

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 signup-form-widget.css
static.ctctcdn.com/js/signup-form-widget/current/ 36 KB
3 KB 19ms
19ms Stylesheet
text/css 104.18.40.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.css
Requested by: Host: static.ctctcdn.com
URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ec0263d406e2e385454d1856eec5285a9033f5e4a38c19cebade6e99eb57d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:49 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 15 Feb 2023 15:34:18 GMT
server: cloudflare
age: 736
cf-polished: origSize=51270
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=900, public
x-robots-tag: noindex
cf-ray: 831035f249629b34-FRA
expires: Wed, 04 Dec 2024 23:41:33 GMT

GET
H2 200 048fd12a09f7f784782bc7fb785f2df7.json Show response
listgrowth.ctctcdn.com/v1/ 2 KB
2 KB 521ms
443ms XHR
application/json 65.9.95.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://listgrowth.ctctcdn.com/v1/048fd12a09f7f784782bc7fb785f2df7.json
Requested by: Host: www.bard.org
URL: https://www.bard.org/js/bundle.min.f96e927aaf794bd419699518344cf7640c5aadad52b4c972b11ee0dc59c7733e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-70.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17b82b88b81c58cd2612150d740e01f35e141c97f6a868b830648931deee2acf

Request headers

Accept: */*
Referer: https://www.bard.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: vHprLyDV8codwXwoNhfLyouQkNWISk47
content-encoding: gzip
via: 1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
date: Tue, 05 Dec 2023 23:53:50 GMT
x-amz-request-id: QHZS0XPQ0TQ7YXBY
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: w+cQ0V0uMo4LQdtqQiwEAQiZPCzgg5hyA4rbyFYRLVjZiSyjzk7cO2Q5FcJL8JrHH0oOok/73hA=
recaptcha-key: 6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
last-modified: Thu, 27 Apr 2023 21:04:02 GMT
server: AmazonS3
etag: W/"ab218d5d457ad0d2ada1bbcd42c314c6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: recaptcha-key
cache-control: max-age=5
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: IvZx02Rz_zzqzgQ4v6ZXc2Y9pkV4uguPsulX47KQ19ENCCplWePkbA==

GET
H3 200 1759444757552260 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1759444757552260?v=2.9.138&r=stable&domain=www.bard.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e679adc3585ed70f5d16a032d52cb83db74b9fa1f101ab99bbc7d7cfe4efd820

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 23:53:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: RFEuCuLJqTeUDuF8e5qqLtGWUD7HYxBrmr/Xp1AQeXR5HLqNPpLLWgVtSQFvSjlfj+vD/LYfDrJayY6/dnOyXw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 35ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=480268416648934&ev=PageView&dl=https%3A%2F%2Fwww.bard.org%2F&rl=&if=false&ts=1701820429193&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701820429192.1619414419&ler=empty&it=1701820428966&coo=false&rqm=GET

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 23:53:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 35ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=480268416648934&ev=ViewContent&dl=https%3A%2F%2Fwww.bard.org%2F&rl=&if=false&ts=1701820429194&cd[pagePath]=%5B%22%2F%22%5D&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701820429192.1619414419&ler=empty&it=1701820428966&coo=false&rqm=GET

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 23:53:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1759444757552260&ev=PageView&dl=https%3A%2F%2Fwww.bard.org%2F&rl=&if=false&ts=1701820429264&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701820429192.1619414419&ler=empty&it=1701820428966&coo=false&rqm=GET

Requested by

Host: www.bard.org
URL: https://www.bard.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 23:53:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame ECE2 61 KB
34 KB 41ms
41ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly93d3cuYmFyZC5vcmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=u8qv1alb6cjv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90505dcc890ac3734c27ff57d56b849090be7d81ffa21eb9ba2f3794a9a6c690

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U9MQjuH0XNrOLVCsjPFoAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bard.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-U9MQjuH0XNrOLVCsjPFoAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 23:53:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ctct-close-x.svg
static.ctctcdn.com/contacts/images/signup-tools/ 4 KB
1 KB 17ms
16ms Image
image/svg+xml 104.18.40.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ctctcdn.com/contacts/images/signup-tools/ctct-close-x.svg
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 544caf2f35f849cb11a559ddec8995f3ff5b350d378e04771eb5c46b7622ba2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 Dec 2017 14:32:54 GMT
server: cloudflare
age: 413487
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 831035f5ab2c9b34-FRA
content-length: 1374
expires: Sat, 30 Nov 2024 05:02:22 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame ECE2 55 KB
24 KB 64ms
16ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly93d3cuYmFyZC5vcmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=u8qv1alb6cjv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 20:53:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame ECE2 468 KB
188 KB 76ms
27ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 13:19:11 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame ECE2 2 KB
2 KB 18ms
17ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:37:20 GMT
x-content-type-options: nosniff
age: 116189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Dec 2023 15:37:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ECE2 15 KB
15 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 433613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ECE2 15 KB
15 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 528742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame ECE2 102 B
135 B 28ms
28ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly93d3cuYmFyZC5vcmc6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=u8qv1alb6cjv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 23:53:49 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame F564 7 KB
1 KB 23ms
23ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4fea7412f275ae9b1fef62b87fbc0aad71ac03b863f221ee77079194e58bd1c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cCKMUIL1LiKlCzIJdJnTVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bard.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cCKMUIL1LiKlCzIJdJnTVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 23:53:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F564 55 KB
24 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 20:53:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F564 468 KB
188 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 13:19:11 GMT

GET
H2 200 p Show response
i.simpli.fi/ 798 B
760 B 27ms
19ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=420401&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/a1eda689-38da-4709-a285-dae77e709c7b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 28870e225c9c20864e487cadb4b6bae03c5e487777b1fb2e9566d92662d70833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:50 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 0E86 0
60 B 112ms
35ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=hbpnt56&ref=https%3A%2F%2Fwww.bard.org%2F&upid=m0p5vpo&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bard.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 05 Dec 2023 23:53:50 GMT
server: Kestrel

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame F564 42 KB
25 KB 94ms
94ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3cd49e572c39d747488e72a2af88417afc54672441b1fcb8c56e95e2f4713b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 23:53:50 GMT

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=BFA3F62C55784D2182047C15E7352BCF

0
237 B

112ms
47ms

Image
text/plain

2600:9000:2127:5e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=BFA3F62C55784D2182047C15E7352BCF
Protocol: H2
Server: 2600:9000:2127:5e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
cache-control: no-cache, must-revalidate
via: 1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: wfnghEJGh3OOFSK8byq6ts_HiBPYpzePPIejzrDLy5xXivyHqMKM1w==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

200

RX-6ee1ddcf-aad0-4d78-8510-a3b309b76d65-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/BFA3F62C55784D2182047C15E7352BCF
https://sync.1rx.io/usersync/simplifi/BFA3F62C55784D2182047C15E7352BCF?zcc=1&cb=1701820430237
https://sync.targeting.unrulymedia.com/csync/RX-6ee1ddcf-aad0-4d78-8510-a3b309b76d65-003

43 B
378 B

49ms
13ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-6ee1ddcf-aad0-4d78-8510-a3b309b76d65-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-6ee1ddcf-aad0-4d78-8510-a3b309b76d65-003
pragma: no-cache
date: Tue, 05 Dec 2023 23:53:50 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=BFA3F62C55784D2182047C15E7352BCF&dongle=yf3

37 B
140 B

75ms
24ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=BFA3F62C55784D2182047C15E7352BCF&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=BFA3F62C55784D2182047C15E7352BCF&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=BFA3F62C55784D2182047C15E7352BCF

43 B
175 B

344ms
107ms

Image
image/gif

2600:1f18:612b:4280:bda1:9df6:36cc:93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=BFA3F62C55784D2182047C15E7352BCF
Protocol: H2
Server: 2600:1f18:612b:4280:bda1:9df6:36cc:93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 05 Dec 2023 23:53:50 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=BFA3F62C55784D2182047C15E7352BCF
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=BFA3F62C55784D2182047C15E7352BCF

95 B
427 B

26ms
23ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=BFA3F62C55784D2182047C15E7352BCF

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=BFA3F62C55784D2182047C15E7352BCF
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=BFA3F62C55784D2182047C15E7352BCF
https://d.agkn.com/pixel/10751/?che=1701820430281&ip=37.58.58.246&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216603104721005587130
https://um.simpli.fi/aa_px?sk=216603104721005587130
https://um.simpli.fi/empty.gif

43 B
361 B

15ms
15ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=BFA3F62C55784D2182047C15E7352BCF

0
0

41ms
7ms

Image
text/html

18.245.60.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=BFA3F62C55784D2182047C15E7352BCF
Protocol: H2
Server: 18.245.60.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-14.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 17ms
15ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 18ms
16ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

451

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=BFA3F62C55784D2182047C15E7352BCF;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=BFA3F62C55784D2182047C15E7352BCF;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=8994978220125407764

0
42 B

20ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=8994978220125407764
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=8994978220125407764
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=BFA3F62C55784D2182047C15E7352BCF&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=BFA3F62C55784D2182047C15E7352BCF&j=0&xl8blockcheck=1

0
771 B

18ms
18ms

Image
text/plain

18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=BFA3F62C55784D2182047C15E7352BCF&j=0&xl8blockcheck=1
Protocol: H2
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=BFA3F62C55784D2182047C15E7352BCF&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 21ms
19ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=BFA3F62C55784D2182047C15E7352BCF

0
421 B

453ms
100ms

Image
text/plain

52.54.191.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=BFA3F62C55784D2182047C15E7352BCF
Protocol: HTTP/1.1
Server: 52.54.191.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-191-112.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 05 Dec 2023 23:53:49 GMT

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=BFA3F62C55784D2182047C15E7352BCF

62 B
445 B

252ms
176ms

Image
image/gif

2.19.217.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=BFA3F62C55784D2182047C15E7352BCF
Protocol: H2
Server: 2.19.217.66 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-66.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 05 Dec 2023 23:53:50 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

404

tpid=BFA3F62C55784D2182047C15E7352BCF
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BFA3F62C55784D2182047C15E7352BCF

49 B
266 B

99ms
29ms

Image
image/gif

34.255.67.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BFA3F62C55784D2182047C15E7352BCF
Protocol: H2
Server: 34.255.67.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:50 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.204
content-length: 49
expires: 0

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=BFA3F62C55784D2182047C15E7352BCF

0
311 B

82ms
33ms

Image
text/plain

216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=BFA3F62C55784D2182047C15E7352BCF
Protocol: HTTP/1.1
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Tue, 05 Dec 2023 23:53:50 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=BFA3F62C55784D2182047C15E7352BCF

0
98 B

68ms
20ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=BFA3F62C55784D2182047C15E7352BCF
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1701820430115&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1852471722&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1852471722&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIoaLXk...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1852471722&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIoaLXkb...

42 B
108 B

27ms
27ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1852471722&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIoaLXkb_5ggMVnIz9Bx2xkAzE&is_vtc=1&ocp_id=DrhvZaHjCJyZ9u8PsaGyoAw&cid=CAQSKQDICaaNGIHzU4-JDZeVcrLuSDDN8bRqa0aARIEEmz_FOgfsfiE6mIr7&random=4104234657&ipr=y

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1852471722&cv=7&fst=1701820430115&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIoaLXkb_5ggMVnIz9Bx2xkAzE&is_vtc=1&ocp_id=DrhvZaHjCJyZ9u8PsaGyoAw&cid=CAQSKQDICaaNGIHzU4-JDZeVcrLuSDDN8bRqa0aARIEEmz_FOgfsfiE6mIr7&random=4104234657&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 22ms
20ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=BFA3F62C55784D2182047C15E7352BCF

43 B
847 B

9ms
8ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=BFA3F62C55784D2182047C15E7352BCF

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:50 GMT
an-x-request-uuid: 0f287903-667a-4e0f-b75c-474c124e4bac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.246; 37.58.58.246; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=66&code=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BFA3F62C55784D2182047C15E7352BCF&expires=365

0
239 B

112ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BFA3F62C55784D2182047C15E7352BCF&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=BFA3F62C55784D2182047C15E7352BCF&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=BFA3F62C55784D2182047C15E7352BCF

43 B
264 B

68ms
21ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=BFA3F62C55784D2182047C15E7352BCF
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=BFA3F62C55784D2182047C15E7352BCF
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 23:53:50 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEAq2HWpC5eQze8HeoIrM_8k&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BFA3F62C55784D2182047C15E7352BCF
https://um.simpli.fi/g_match?id=

0
320 B

19ms
16ms

Image
text/plain

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 04 Dec 2023 23:53:50 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame F564 600 B
624 B 19ms
18ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 02:11:50 GMT
x-content-type-options: nosniff
age: 78120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 12 Dec 2023 02:11:50 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame F564 530 B
554 B 24ms
23ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:38:15 GMT
x-content-type-options: nosniff
age: 90935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Dec 2023 22:38:15 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame F564 665 B
689 B 24ms
23ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 10:00:32 GMT
x-content-type-options: nosniff
age: 309198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 09 Dec 2023 10:00:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F564 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 433614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F564 15 KB
15 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 10:49:31 GMT
x-content-type-options: nosniff
age: 306259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 10:49:31 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F564 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 528743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:27 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame F564 57 KB
57 KB 29ms
26ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5xzC4rofTbKQednYB3WkM6VRKFaE2yGax1j0JmUp5hZJxGFx86B3j5rqlB2jp0WYbJLmMyta7MTG6E3Q1IWIvYycALhZy4sKCM3svlh-F15gKnuAXcS_4w86nzCi4tbSIkBvJu4VaMI_KMWP8y-yijDnS40pqjJf9otY7Wn6i-VEkVPgHtuse6Y0EfYBxPQyXQuMv0TvU8EU48pBlE-3ClGd9TxQ&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

288192c866072aea8e155b339c258ad99d25f56434f731d761cda175fef1a7f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:53:50 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 23:53:50 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 819ms
818ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Z1MJJ93WT3&gtm=45je3bt0v877995205z872250951&_p=1701820428193&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=723596071.1701820429&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Fbard.org%2F&dt=Utah%20Shakespeare%20Festival&sid=1701820428&sct=1&seg=0&en=visible&ep.site_section=Homepage&ep.page_type=Homepage&ep.site_property=Main%20Site&ep.page_module=Calendar&_et=7&tfd=7182
Requested by: Host: www.bard.org
URL: https://www.bard.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bard.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 23:53:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bard.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 21:02:52	Name: _GRECAPTCHA Value: 09AEovV3cmJ0bOA9Y63MApSyTeWOwQDwcfPJ0jb2azZEmzcdpTqemSqB2hwfmM-mFlbe4sgn2IBO-n-A898Gvzaus
.bard.org/	1970-01-20 18:53:16	Name: _gcl_au Value: 1.1.892811395.1701820429
.bard.org/	1970-01-21 02:19:40	Name: _ga Value: GA1.1.723596071.1701820429
.bard.org/	1970-01-21 02:19:40	Name: _ga_Z1MJJ93WT3 Value: GS1.1.1701820428.1.0.1701820428.60.0.0
.adnxs.com/	1970-01-20 18:53:16	Name: uuid2 Value: 8219722883133490270
.doubleclick.net/	1970-01-21 02:05:16	Name: IDE Value: AHWqTUmLI5MOMyURxymA4vSE3MJJALmSCc8UqCaPJLcAax8ZaFJf8HKInrCueEzL
.simpli.fi/	1970-01-21 01:30:42	Name: suid Value: BFA3F62C55784D2182047C15E7352BCF
.bard.org/	1970-01-20 18:53:16	Name: _fbp Value: fb.1.1701820429192.1619414419
.simpli.fi/	1970-01-20 16:53:45	Name: uid_syncd_secure Value: true
.1rx.io/	1970-01-21 01:29:16	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6ee1ddcf-aad0-4d78-8510-a3b309b76d65-003%22%7D
.tapad.com/	1970-01-20 18:10:04	Name: TapAd_TS Value: 1701820430243
.tapad.com/	1970-01-20 18:10:04	Name: TapAd_DID Value: 354df4ca-0737-414d-a132-ac930d924fa1
.adnxs.com/	1970-01-20 18:53:16	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2C'$d?F$o!]tbd8i_jC:lq+Z:3[>W#r9]VCAmX[S`dBQnobjSg(E#_dAE!a_w/wTM%eHmmU[aki'G=f=kW*g0D(K:$)O
.agkn.com/	1970-01-21 01:29:16	Name: ab Value: 0001%3AAxGLbwWTQjFPJvroQVEzbUhQB67Kh6bE
.tapad.com/	1970-01-20 18:10:04	Name: TapAd_3WAY_SYNCS Value:
.targeting.unrulymedia.com/	1970-01-21 01:29:16	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6ee1ddcf-aad0-4d78-8510-a3b309b76d65-003%22%7D
.agkn.com/	1970-01-21 01:29:16	Name: u Value: C\|0AAAAAAAALQJ0jgAAAAAA
.exelator.com/	1970-01-20 19:36:28	Name: EE Value: "013d2bca54fe4813cba72f882d075cc5"
.exelator.com/	1970-01-20 19:36:28	Name: ud Value: "eJxrXxzq6XKLQcHA0DjFKCk50dQkLdXEwtA4OSnR3CjNwsIoxcDcNDnZdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6IhfXxUUpaQyLSopPBR%252BTMwYArfMp1Q%253D%253D"
.bluekai.com/	1970-01-20 21:07:11	Name: bku Value: blx999bTqtDy/vyI
.bluekai.com/	1970-01-20 21:07:11	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDJsxEBsBMJeBEDlmeHW1MWT1M96B61hBDDl1pD0xABs9y9GSxrP
.bfmio.com/	1970-01-21 01:29:16	Name: __141_cid Value: BFA3F62C55784D2182047C15E7352BCF
.bfmio.com/	1970-01-21 01:29:16	Name: __io_cid Value: 82434bc5653d7a4ffa0561bf9289f4e1c221b70a

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bidagent.xad.com/conv/209269?ts=%pord=!?gtmcb=1493241733 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=BFA3F62C55784D2182047C15E7352BCF Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=BFA3F62C55784D2182047C15E7352BCF Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=BFA3F62C55784D2182047C15E7352BCF Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=8994978220125407764 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
bcp.crwdcntrl.net
bidagent.xad.com
cdn.calltrk.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
ka-f.fontawesome.com
kit.fontawesome.com
listgrowth.ctctcdn.com
loadm.exelator.com
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
s.ad.smaato.net
secure.adnxs.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.ctctcdn.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.bard.org
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.18.40.153
13.248.245.213
142.250.186.130
142.250.186.34
15.197.193.217
172.64.204.20
18.198.126.47
18.245.60.14
18.245.60.17
2.19.217.66
2001:4860:4802:34::36
216.52.2.48
2600:1901:0:8eee::
2600:1f18:612b:4280:bda1:9df6:36cc:93
2600:9000:2127:2e00:14:8fa:2140:93a1
2600:9000:2127:5e00:1b:5138:8a40:93a1
2606:4700:4400::ac40:93bc
2606:4700::6811:190e
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.65.68.8
34.111.113.62
34.255.67.121
34.91.62.186
34.98.64.218
35.234.162.151
35.244.174.68
37.252.171.52
46.228.174.117
52.54.191.112
52.57.111.197
54.173.224.136
65.9.66.111
65.9.95.70
65.9.99.119
69.173.144.139
019f8dd1dc92ab025e38bfbc96a13bc382f4314a95a86274cb650bab72c05830
04ec0263d406e2e385454d1856eec5285a9033f5e4a38c19cebade6e99eb57d3
0699e99712c4f32279d8c4a63982611703fdab65156195523fc3e213c2616766
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
17b82b88b81c58cd2612150d740e01f35e141c97f6a868b830648931deee2acf
1a502b538ba747d76e9078ad221b2281401552c90eec9e7d0be91cf53574d5ee
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1beb86fe3df6a2c2048e67d09b06b65f466d3a00b4a9b5bf453b15806bb42e3e
20a6eccca5cebe75a9abc3493a3b8dc2dfb3400c99072aebe5ae39a742ceac60
2287649032b8c615154642e55a5345f694576c899fedb14bcec15a7bc5dfa7dd
26477079ad2b5cebed544505bd0bd132381afcade0673461d121b9b3e70bbfbb
2650b061141cb8936446b656e4e5eaad6dc647af4a2381cd5b01fc83a8d36f10
288192c866072aea8e155b339c258ad99d25f56434f731d761cda175fef1a7f1
28870e225c9c20864e487cadb4b6bae03c5e487777b1fb2e9566d92662d70833
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2c5e5114c0d1904591ea2f8ca262c72005c16ea15a097d9e11c54978949a83
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
48a096bc26f116825ab36a5d600e611d115b8813fec614f6d193f3dea1cd38b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544caf2f35f849cb11a559ddec8995f3ff5b350d378e04771eb5c46b7622ba2e
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
596c70fba74fcacfdce7e6c937f1d5da2502bd98cb90c42c616d8d836a8bbe7a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b54c2847fb340ba5309ea4cfacca8a36926f6d97f0d3db5cde2325aefa016e8
6110639d11973a631f72c20b12e682278d1ba5840067bc75f5e81596165fd258
647f4c1b10452c889e38fd0e9d386d7c7a37169cd53b09048e5d7a205a4422ab
6494c5e5a07df15d8d97c1456e950ac0e7cd235e47f0550a011ccf63a91f6137
6adbd41f2d4de35907a4061decd54dbdc912c02dc90d0f43cda66d0f239929aa
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6f6e6dcb856d4bb787bebad7263c1ffe3a196e29c6fe25d52cd60c819677377e
7525beeaa4cfb2731bd3f3355d7170cf14431fb886574f2e7f5bcfb9c602bae8
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78ff6aca271cbfa200917f27bdb1763923e852271fb4ee4994f1a45ccb74140b
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b1f0ce0de00a8ed5b9db2f29605c575f95099fd6341be5948665972aa5611c3
8d4e7de637501c204e82b60b15bed1da3e62f7d42ad9d10fa1eb8284d7a2ed04
90505dcc890ac3734c27ff57d56b849090be7d81ffa21eb9ba2f3794a9a6c690
915313f442a6311b783f94c9d963ccab168fa17fcc70ca8d53e9bbc50cdb9f42
940977c9fd6682a5dd01d5ee01c4f66790acf8d2963bd3a80a2fdde9c6dbff3e
97ea83101e7357ac5e3babceae1b9fd8f20fe693305c05723f99e1779130afe4
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
9ebffa57f55c0e0b070b2378c78fee79b3f9041479cf00dc3b42315dd2e344aa
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a4fea7412f275ae9b1fef62b87fbc0aad71ac03b863f221ee77079194e58bd1c
a51ecf40f77aa6f9ac92e683703ed49d80ddc3a6ffb3d43b74cbc295e613c819
b49e28310b0675b74c12d744d92fd41a075efd42125a04f67fca4e836c1b95f3
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b7a95a7b4bc0965bf88bc261c410a0662309fce42271dc793bd1b9abb6767a8d
b7e03d37ba541223a86fb5fe7f8a19e97225549c2d25e1baa74b988891db42b0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c4020e309beb0ac946fac067f9c7210ddbc45f190da44961943d5e545996fcba
c423fa77c2e553343b1316a22b0107207106c9816130185c41410191685750b9
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cc75487ea5ae5e6cab27c457ee4bcb5a39ac8938159e46283ca447c516aa9782
cd31c3c316d63a8bf74362bc8aa96d43dec8be99f090e79fc7bbc7c7339bd0d4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e679adc3585ed70f5d16a032d52cb83db74b9fa1f101ab99bbc7d7cfe4efd820
eba285117d0429be310d08e19706f3e708c4d4f7bc61703c2199c39949340cc1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f3cd49e572c39d747488e72a2af88417afc54672441b1fcb8c56e95e2f4713b1
f96e927aaf794bd419699518344cf7640c5aadad52b4c972b11ee0dc59c7733e
fc37dbf187bad6cbd2e9bb7e8d1af46cf52ba21a65021660eac09b3f9eed4ecc
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.bard.org Open in urlscan Pro 2600:9000:2127:2e00:14:8fa:2140:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

77 %HTTPS

39 %IPv6

35 Domains

46 Subdomains

39 IPs

8 Countries

4072 kBTransfer

7420 kBSize

23 Cookies

11 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bard.org Open in urlscan Pro
2600:9000:2127:2e00:14:8fa:2140:93a1 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

77 %
HTTPS

39 %
IPv6

35
Domains

46
Subdomains

39
IPs

8
Countries

4072 kB
Transfer

7420 kB
Size

23
Cookies

111 HTTP transactions
0 data transactions