urlscan.io logo urlscan.io
SecurityTrails logo

order.baysidemarketing-mn.com Open in urlscan Pro
2606:4700::6813:fe12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://booking.baysidemarketing-mn.com/
Effective URL: https://order.baysidemarketing-mn.com/
Submission: On March 31 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 31 HTTP transactions. The main IP is 2606:4700::6813:fe12, located in United States and belongs to CLOUDFLARENET, US. The main domain is order.baysidemarketing-mn.com.
TLS certificate: Issued by GTS CA 1P5 on March 21st 2024. Valid for: 3 months.
This is the only time order.baysidemarketing-mn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::43 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f14... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
2 20.120.65.166 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
31 14
4    2606:4700::6813:ff12 (United States)

ASN13335 (CLOUDFLARENET, US)
booking.baysidemarketing-mn.com
media.hd.pics
9    2606:4700::6813:fe12 (United States)

ASN13335 (CLOUDFLARENET, US)
order.baysidemarketing-mn.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:bdf::43 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.google.de
2    20.120.65.166 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
l.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
10 baysidemarketing-mn.com
booking.baysidemarketing-mn.com
order.baysidemarketing-mn.com
193 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 753
l.clarity.ms — Cisco Umbrella Rank: 6348
c.clarity.ms — Cisco Umbrella Rank: 1387
28 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 357
107 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
264 KB
3 hd.pics
media.hd.pics — Cisco Umbrella Rank: 549034
562 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 182
72 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 245
760 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7099
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
255 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2655
54 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2042
264 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
274 B
1 gstatic.com
fonts.gstatic.com
45 KB
31 13
Domain Requested by
9 order.baysidemarketing-mn.com 1 redirects order.baysidemarketing-mn.com
3 www.googletagmanager.com order.baysidemarketing-mn.com
www.googletagmanager.com
3 media.hd.pics order.baysidemarketing-mn.com
3 ajax.googleapis.com order.baysidemarketing-mn.com
2 c.clarity.ms 1 redirects
2 l.clarity.ms www.clarity.ms
2 www.clarity.ms order.baysidemarketing-mn.com
www.clarity.ms
2 connect.facebook.net order.baysidemarketing-mn.com
connect.facebook.net
1 c.bing.com 1 redirects
1 www.google.de order.baysidemarketing-mn.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.facebook.com order.baysidemarketing-mn.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com order.baysidemarketing-mn.com
1 booking.baysidemarketing-mn.com 1 redirects
31 17

This site contains no links.

Subject Issuer Validity Valid
order.baysidemarketing-mn.com
GTS CA 1P5		 2024-03-21 -
2024-06-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
hd.pics
E1		 2024-02-22 -
2024-05-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh

This page contains 2 frames:

Primary Page: https://order.baysidemarketing-mn.com/
Frame ID: 0E41AB8EF5AD13A1B7D588529103A161
Requests: 29 HTTP requests in this frame

Frame: https://order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: D61FCEBDA6C273DAD72E5073A2AD88B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

List of Sites :: Bayside Marketing

Page URL History Show full URLs

  1. https://booking.baysidemarketing-mn.com/ HTTP 302
    https://order.baysidemarketing-mn.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

31
Requests

94 %
HTTPS

80 %
IPv6

13
Domains

17
Subdomains

14
IPs

5
Countries

1270 kB
Transfer

2753 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://booking.baysidemarketing-mn.com/ HTTP 302
    https://order.baysidemarketing-mn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Request Chain 26
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9C75008F9434468CA7A1CA4B501C8E04&RedC=c.clarity.ms&MXFR=1BC830CE9E0D6F6606B3249D9A0D6114 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9C75008F9434468CA7A1CA4B501C8E04&MUID=01510EC1E7506B7425851A92E6506AEC

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
order.baysidemarketing-mn.com/
Redirect Chain
  • https://booking.baysidemarketing-mn.com/
  • https://order.baysidemarketing-mn.com/
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2321d0bcebadd8da608894ad4656a2314ac0984faa812a9e4b457930c2e9bc1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
86cd39991fb33645-FRA
content-encoding
gzip
content-type
text/html
date
Sun, 31 Mar 2024 03:24:11 GMT
server
cloudflare
vary
Accept-Encoding
x-server
WEB106

Redirect headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
86cd3995588b39c4-FRA
content-type
text/html
date
Sun, 31 Mar 2024 03:24:10 GMT
location
https://order.baysidemarketing-mn.com/
server
cloudflare
x-server
WEB103
css
fonts.googleapis.com/ 		1 KB
876 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
beb761a0aff595ec9fa0d76354a16f4455fd3a5c827a3a2a881af72bf33778b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 31 Mar 2024 03:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 31 Mar 2024 01:47:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Mar 2024 03:24:11 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 18:28:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8324
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 18:28:11 GMT
all.min.css
order.baysidemarketing-mn.com/art/fa/css/ 		496 KB
133 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://order.baysidemarketing-mn.com/art/fa/css/all.min.css
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 05 Oct 2023 18:01:20 GMT
server
cloudflare
etag
"202025f2b5f7d91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
x-server
WEB107
cf-ray
86cd399cd8e93645-FRA
expires
Mon, 01 Apr 2024 03:24:12 GMT
main.css
order.baysidemarketing-mn.com/art/ 		34 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://order.baysidemarketing-mn.com/art/main.css?v=291
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0fdd8b2603313b0143c28ed5e09486be51443a0220fa7ad857cb5c6205177eb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 19:04:17 GMT
server
cloudflare
etag
"19faa466b07fda1:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
x-server
WEB104
accept-ranges
bytes
cf-ray
86cd399cd8ea3645-FRA
content-length
9301
expires
Mon, 01 Apr 2024 03:24:12 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:16:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 10:16:13 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 12:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 12:06:59 GMT
jquery.ui.touch-punch.min.js
order.baysidemarketing-mn.com/js/ 		1 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://order.baysidemarketing-mn.com/js/jquery.ui.touch-punch.min.js
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 09 Apr 2021 15:48:09 GMT
server
cloudflare
etag
"199a73bd572dd71:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
x-server
WEB101
accept-ranges
bytes
cf-ray
86cd399cd8eb3645-FRA
content-length
809
expires
Mon, 01 Apr 2024 03:24:12 GMT
main.js
order.baysidemarketing-mn.com/js/ 		125 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.baysidemarketing-mn.com/js/main.js?v=291
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e71a7962b4ca56c89ec1c5a3e06e86fda743e8a6b0379d4d5e9770df8de6d79a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 19:07:07 GMT
server
cloudflare
etag
"4acd1cbb07fda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
x-server
WEB101
accept-ranges
bytes
cf-ray
86cd399cd8ed3645-FRA
content-length
40599
expires
Mon, 01 Apr 2024 03:24:12 GMT
apiv2.js
order.baysidemarketing-mn.com/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.baysidemarketing-mn.com/js/apiv2.js?v=291
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d73381ec9daafb1316b5893bb3c0c7e57241c074ac1fd4497c2e7daa81f34b6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 26 Oct 2023 15:42:26 GMT
server
cloudflare
etag
"e29f3d5238da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
x-server
WEB107
accept-ranges
bytes
cf-ray
86cd399cd8ee3645-FRA
content-length
2175
expires
Mon, 01 Apr 2024 03:24:12 GMT
01v0emsxfq.png
media.hd.pics/1/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.hd.pics/1/01v0emsxfq.png
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d068f63e7c71e2de5ac00c180a700bf2fc4cf4699d7d042feec9c19095757aa3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
allow-range
bytes
x-server
BOT03
content-disposition
filename=1/01v0emsxfq.png
hd-source
w-v1
cf-ray
86cd399d4b5f3661-FRA
content-length
5577
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 31 Mar 2024 03:24:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58040
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1294, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
3IVn5pSuhPDHOzo2C6HVn8vwBn4x9Iy1x3xazB5QhJsT7DIpk5p4bDdH/Sh/kYinAgxHB49VdbZMVZoC+osXKQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		257 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53dd2fd420be4d607b054bdedf69c281ee4385181733b403da8616eb8deded79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90157
x-xss-protection
0
last-modified
Sun, 31 Mar 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 31 Mar 2024 03:24:12 GMT
ks0vx48x2m
www.clarity.ms/tag/ 		650 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/ks0vx48x2m
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
780c24db75ca7dd92250df36698f1c4f50c9f72b3f6f4cae23a2284b95d9edba

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Sun, 31 Mar 2024 03:24:12 GMT
x-azure-ref
20240331T032412Z-scr9zwadth53rdenpf43czc1ng0000000gsg000000006ner
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://order.baysidemarketing-mn.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 00:41:25 GMT
x-content-type-options
nosniff
age
441767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 00:41:25 GMT
main.js
order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame D61F
Redirect Chain
  • https://order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf9a4d8188230f23ad65561405dc03c18cf9184cf1a989ab7baef92bec50cf5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86cd39a0da4b3645-FRA

Redirect headers

date
Sun, 31 Mar 2024 03:24:12 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
86cd39a0aa393645-FRA
content-length
0
86cd39991fb33645
order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D61F 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/h/g/jsd/r/86cd39991fb33645
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
gzip
server
cloudflare
cf-ray
86cd39a38b4e3645-FRA
content-type
text/plain; charset=UTF-8
clarity.js
www.clarity.ms/s/0.7.26/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.26/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ks0vx48x2m
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d0a9506ee0c2e64325d59451eff05b24df4cd07dc65f300b3bc39e28379640d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
br
last-modified
Wed, 27 Mar 2024 19:34:44 GMT
etag
W/"0x8DC4E94F45C2BE5"
vary
Accept-Encoding
x-azure-ref
20240331T032412Z-scr9zwadth53rdenpf43czc1ng0000000gsg000000006nfa
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d1339745-401e-0078-7c9a-808d23000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
230469054215394
connect.facebook.net/signals/config/ 		65 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230469054215394?v=2.9.151&r=stable&domain=order.baysidemarketing-mn.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d848b2f7a7ee50b61dfeeb2ac342ec84af90d55c45d1af7f16089af51f34e048
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 31 Mar 2024 03:24:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=64, mss=1294, tbw=63220, tp=-1, tpl=-1, uplat=83, ullat=0
pragma
public
x-fb-debug
YP2ZU2tSBAb83jXhnut6+cSDUDafQ4IJBb/am5UIxcIPUXlSgSXd4Snn7ZS6MU7+ckWlow/cKmi85usiRpjdig==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1860ba4f4cec7168792ee26e30a73bcf68462e3d37babd0ba64d290b3140af12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90094
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 31 Mar 2024 03:24:12 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb25c8512d85b143a9f18e9547d1ef66fcc867febda940adc37ea46eac8918aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89119
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 31 Mar 2024 03:24:12 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230469054215394&ev=PageView&dl=https%3A%2F%2Forder.baysidemarketing-mn.com%2F&rl=&if=false&ts=1711855452971&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711855452967.893094714&cs_est=true&ler=empty&cdl=API_unavailable&it=1711855452821&coo=false&rqm=GET
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=10, mss=1294, tbw=2857, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 31 Mar 2024 03:24:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/ 		0
264 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MWE46F19LM&gtm=45je43r0v9123082311z89119306395za200&_p=1711855452232&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=208268474.1711855453&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711855452&sct=1&seg=0&dl=https%3A%2F%2Forder.baysidemarketing-mn.com%2F&dt=List%20of%20Sites%20%3A%3A%20Bayside%20Marketing&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2640
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 31 Mar 2024 03:24:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://order.baysidemarketing-mn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PC2TQ5FC02&gtm=45je43r0v9119313763z89119306395za200&_p=1711855452232&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=208268474.1711855453&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711855453&sct=1&seg=0&dl=https%3A%2F%2Forder.baysidemarketing-mn.com%2F&dt=List%20of%20Sites%20%3A%3A%20Bayside%20Marketing&en=page_view&_fv=1&_ss=1&tfd=2710
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 31 Mar 2024 03:24:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://order.baysidemarketing-mn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PC2TQ5FC02&cid=208268474.1711855453&gtm=45je43r0v9119313763z89119306395za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 31 Mar 2024 03:24:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://order.baysidemarketing-mn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PC2TQ5FC02&cid=208268474.1711855453&gtm=45je43r0v9119313763z89119306395za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=2131608960
Requested by
Host: order.baysidemarketing-mn.com
URL: https://order.baysidemarketing-mn.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 31 Mar 2024 03:24:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
l.clarity.ms/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.26/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://order.baysidemarketing-mn.com
Date
Sun, 31 Mar 2024 03:24:13 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9C75008F9434468CA7A1CA4B501C8E04&RedC=c.clarity.ms&MXFR=1BC830CE9E0D6F6606B3249D9A0D6114
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9C75008F9434468CA7A1CA4B501C8E04&MUID=01510EC1E7506B7425851A92E6506AEC
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9C75008F9434468CA7A1CA4B501C8E04&MUID=01510EC1E7506B7425851A92E6506AEC
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://order.baysidemarketing-mn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Mar 2024 03:24:12 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 31 Mar 2024 03:24:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F9218A8326AF4B3A8BBF19DABEF1F684 Ref B: FRAEDGE1716 Ref C: 2024-03-31T03:24:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9C75008F9434468CA7A1CA4B501C8E04&MUID=01510EC1E7506B7425851A92E6506AEC
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
k5ysg078fe.png
media.hd.pics/1/ 		277 KB
278 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media.hd.pics/1/k5ysg078fe.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08aa5b54aa8e3520eb5a1a41780337b9cbeed88b15d17cce6cc76751f5559538

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
allow-range
bytes
x-server
BOT03
content-disposition
filename=1/k5ysg078fe.png
hd-source
w-v1
cf-ray
86cd39a68da03661-FRA
content-length
284131
collect
l.clarity.ms/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.26/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://order.baysidemarketing-mn.com
Date
Sun, 31 Mar 2024 03:24:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
k5ysg078fe.png
media.hd.pics/1/ 		277 KB
278 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media.hd.pics/1/k5ysg078fe.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08aa5b54aa8e3520eb5a1a41780337b9cbeed88b15d17cce6cc76751f5559538

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://order.baysidemarketing-mn.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 03:24:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
allow-range
bytes
x-server
BOT07
content-disposition
filename=1/k5ysg078fe.png
hd-source
w-v1
cf-ray
86cd39aef8123661-FRA
content-length
284131

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal function| $ function| jQuery object| hd object| api function| fbq function| _fbq object| dataLayer function| clarity object| google_tag_manager object| google_tag_data object| gaGlobal

18 Cookies

Domain/Path Name / Value
.booking.baysidemarketing-mn.com/ Name: sid2
Value: 67E59569941F48E0949578E3A398A5DA
.order.baysidemarketing-mn.com/ Name: sid2
Value: 15ACB249A00847F292E9ED811544F50E
www.clarity.ms/ Name: CLID
Value: 029ef5a7ba594c9f8dc3333ffc1099fb.20240331.20250331
.order.baysidemarketing-mn.com/ Name: cf_clearance
Value: 0zEnogQ2fZhxY4sOhhGyJ3Xk65OAyQcGsCVNrP_xznc-1711855452-1.0.1.1-WciCJmW5KNLMwMjlUo8ghmBrV2USCtKXNO23_O.UFcyJfq2r7J2cUxjPgtZtOvjvRs2GHqu8GOJSAu_m5xP1Fg
.baysidemarketing-mn.com/ Name: _gcl_au
Value: 1.1.1309528608.1711855453
.baysidemarketing-mn.com/ Name: _clck
Value: 1otnld0%7C2%7Cfkj%7C0%7C1551
.baysidemarketing-mn.com/ Name: _fbp
Value: fb.1.1711855452967.893094714
.baysidemarketing-mn.com/ Name: _ga_MWE46F19LM
Value: GS1.1.1711855452.1.0.1711855452.0.0.0
.baysidemarketing-mn.com/ Name: _ga
Value: GA1.1.208268474.1711855453
.baysidemarketing-mn.com/ Name: _ga_PC2TQ5FC02
Value: GS1.1.1711855453.1.0.1711855453.60.0.0
.baysidemarketing-mn.com/ Name: _clsk
Value: bt4r2k%7C1711855453465%7C1%7C1%7Cl.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 01510EC1E7506B7425851A92E6506AEC
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 01510EC1E7506B7425851A92E6506AEC
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 01510EC1E7506B7425851A92E6506AEC
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

16 Console Messages

Source Level URL
Text
recommendation verbose URL: https://order.baysidemarketing-mn.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/230469054215394?v=2.9.151&r=stable&domain=order.baysidemarketing-mn.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://order.baysidemarketing-mn.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
booking.baysidemarketing-mn.com
c.bing.com
c.clarity.ms
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
l.clarity.ms
media.hd.pics
order.baysidemarketing-mn.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.de
www.googletagmanager.com
142.250.181.227
20.120.65.166
2001:4860:4802:32::36
2606:4700::6813:fe12
2606:4700::6813:ff12
2620:1ec:bdf::43
2620:1ec:c11::200
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
68.219.88.97
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
08aa5b54aa8e3520eb5a1a41780337b9cbeed88b15d17cce6cc76751f5559538
0bf9a4d8188230f23ad65561405dc03c18cf9184cf1a989ab7baef92bec50cf5
1860ba4f4cec7168792ee26e30a73bcf68462e3d37babd0ba64d290b3140af12
2321d0bcebadd8da608894ad4656a2314ac0984faa812a9e4b457930c2e9bc1a
3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4d73381ec9daafb1316b5893bb3c0c7e57241c074ac1fd4497c2e7daa81f34b6
53dd2fd420be4d607b054bdedf69c281ee4385181733b403da8616eb8deded79
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5d0a9506ee0c2e64325d59451eff05b24df4cd07dc65f300b3bc39e28379640d
780c24db75ca7dd92250df36698f1c4f50c9f72b3f6f4cae23a2284b95d9edba
8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
bb25c8512d85b143a9f18e9547d1ef66fcc867febda940adc37ea46eac8918aa
beb761a0aff595ec9fa0d76354a16f4455fd3a5c827a3a2a881af72bf33778b3
d068f63e7c71e2de5ac00c180a700bf2fc4cf4699d7d042feec9c19095757aa3
d848b2f7a7ee50b61dfeeb2ac342ec84af90d55c45d1af7f16089af51f34e048
e0fdd8b2603313b0143c28ed5e09486be51443a0220fa7ad857cb5c6205177eb
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71a7962b4ca56c89ec1c5a3e06e86fda743e8a6b0379d4d5e9770df8de6d79a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e