urlscan.io logo urlscan.io
SecurityTrails logo

www.danfords.com Open in urlscan Pro
155.138.220.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tpgdanfords.com/
Effective URL: https://www.danfords.com/
Submission: On November 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 72 HTTP transactions. The main IP is 155.138.220.154, located in Atlanta, United States and belongs to AS-VULTR, US. The main domain is www.danfords.com.
TLS certificate: Issued by R11 on September 19th 2024. Valid for: 3 months.
This is the only time www.danfords.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    15.197.225.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
tpgdanfords.com
4    155.138.220.154 (Atlanta, United States)

ASN20473 (AS-VULTR, US)
PTR: 155.138.220.154.vultrusercontent.com
danfords.com
www.danfords.com
9    2600:9000:26db:ea00:10:b51d:2640:21 (United States)

ASN16509 (AMAZON-02, US)
d2u1x5mhtaiaop.cloudfront.net
5    2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
10    64.91.224.204 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.zambezimarketing.com
adawidget.zambezimarketing.com
adawidget.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    18.173.161.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-161-138.muc50.r.cloudfront.net
d2u1x5mhtaiaop.cloudfront.net
4    172.67.22.83 (United States)

ASN13335 (CLOUDFLARENET, US)
apps.elfsight.com
static.elfsight.com
7    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
1    161.35.224.114 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
tpghotelsandresorts.zambezimarketing.io
1    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net
www.google.com
3    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
2    2600:9000:2250:aa00:1d:40aa:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
p.relay-t.io
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
13953252.fls.doubleclick.net
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.de
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
4    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
27 cloudfront.net
d2u1x5mhtaiaop.cloudfront.net
3 MB
8 adawidget.com
adawidget.com — Cisco Umbrella Rank: 433220
29 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
668 KB
5 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
21 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
4 doubleclick.net
13953252.fls.doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 150
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
1 KB
4 elfsight.com
apps.elfsight.com — Cisco Umbrella Rank: 23133
static.elfsight.com — Cisco Umbrella Rank: 14311
17 KB
4 danfords.com
danfords.com
www.danfords.com
119 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
79 KB
3 gstatic.com
fonts.gstatic.com
56 KB
2 relay-t.io
p.relay-t.io — Cisco Umbrella Rank: 50898
5 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
2 zambezimarketing.com
adawidget.zambezimarketing.com — Cisco Umbrella Rank: 467937
15 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 zambezimarketing.io
tpghotelsandresorts.zambezimarketing.io
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 tpgdanfords.com
tpgdanfords.com
309 B
72 17
Domain Requested by
27 d2u1x5mhtaiaop.cloudfront.net www.danfords.com
8 adawidget.com www.danfords.com
8 www.googletagmanager.com www.danfords.com
www.googletagmanager.com
5 unpkg.com 3 redirects www.danfords.com
4 www.facebook.com www.danfords.com
3 connect.facebook.net www.danfords.com
connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
3 www.danfords.com www.danfords.com
2 13953252.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 p.relay-t.io www.danfords.com
p.relay-t.io
2 static.elfsight.com www.danfords.com
2 apps.elfsight.com 2 redirects
2 adawidget.zambezimarketing.com www.danfords.com
adawidget.zambezimarketing.com
1 www.google.de www.danfords.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 ad.doubleclick.net www.danfords.com
1 www.google.com www.googletagmanager.com
1 tpghotelsandresorts.zambezimarketing.io www.danfords.com
1 fonts.googleapis.com www.danfords.com
1 danfords.com 1 redirects
1 tpgdanfords.com 1 redirects
72 22
Subject Issuer Validity Valid
danfords.com
R11		 2024-09-19 -
2024-12-18		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
adawidget.zambezimarketing.com
R11		 2024-10-18 -
2025-01-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
tpghotelsandresorts.zambezimarketing.io
R11		 2024-08-30 -
2024-11-28		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-10 -
2024-11-08		 3 months crt.sh
p.relay-t.io
Amazon RSA 2048 M02		 2024-04-30 -
2025-05-29		 a year crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.danfords.com/
Frame ID: DEE33A1068FAA4303B0AF18F07B9CA1D
Requests: 71 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.danfords.com
Frame ID: CF56742A4443CF9B2180B874557A5B12
Requests: 1 HTTP requests in this frame

Frame: https://13953252.fls.doubleclick.net/activityi;dc_pre=CPaB3MP6uYkDFWOzgwcd7rEMjQ;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9189601607z89170632895za201zb9170632895;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.danfords.com%2F
Frame ID: 81E434D8DFAD326E63C71A0430CDDA44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Danfords Hotel & Marinaâ„¢ A Boutique Hotel Port Jefferson NY

Page URL History Show full URLs

  1. https://tpgdanfords.com/ HTTP 301
    https://danfords.com/ HTTP 301
    https://www.danfords.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

72
Requests

94 %
HTTPS

38 %
IPv6

17
Domains

22
Subdomains

21
IPs

3
Countries

3694 kB
Transfer

16511 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tpgdanfords.com/ HTTP 301
    https://danfords.com/ HTTP 301
    https://www.danfords.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/htmx.org/dist/ext/disable-element.js HTTP 302
  • https://unpkg.com/htmx.org@1.9.12/dist/ext/disable-element.js
Request Chain 9
  • https://apps.elfsight.com/p/platform.js HTTP 301
  • https://static.elfsight.com/platform/platform.js
Request Chain 11
  • https://unpkg.com/alpinejs HTTP 302
  • https://unpkg.com/alpinejs@3.14.3 HTTP 302
  • https://unpkg.com/alpinejs@3.14.3/dist/cdn.min.js
Request Chain 33
  • https://apps.elfsight.com/p/platform.js HTTP 301
  • https://static.elfsight.com/platform/platform.js
Request Chain 55
  • https://13953252.fls.doubleclick.net/activityi;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9189601607z89170632895za201zb9170632895;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.danfords.com%2F HTTP 302
  • https://13953252.fls.doubleclick.net/activityi;dc_pre=CPaB3MP6uYkDFWOzgwcd7rEMjQ;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9189601607z89170632895za201zb9170632895;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.danfords.com%2F

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.danfords.com/
Redirect Chain
  • https://tpgdanfords.com/
  • https://danfords.com/
  • https://www.danfords.com/
74 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.138.220.154 Atlanta, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
155.138.220.154.vultrusercontent.com
Software
nginx-rc / ProcessWire CMS, ProCache
Resource Hash
7e4ad7814aa9d186be3d8cf1ea67a64e5ac170f8b72d7d135156612388dd8cff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Nov 2024 01:14:32 GMT
etag
W/"12852-625cea0d34e91"
last-modified
Fri, 01 Nov 2024 00:00:51 GMT
server
nginx-rc
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-by
ProcessWire CMS, ProCache
x-pwpc
ProCache
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

content-length
174
content-type
text/html
date
Fri, 01 Nov 2024 01:14:32 GMT
location
https://www.danfords.com/
server
nginx-rc/1.25.3.2
pwpc-9c1b3f0c1ae80798ba9a166fd0063e80ec919d06.css
d2u1x5mhtaiaop.cloudfront.net/assets/pwpc/ 		380 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/pwpc/pwpc-9c1b3f0c1ae80798ba9a166fd0063e80ec919d06.css
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:ea00:10:b51d:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
40902b4a8287ef38734895f75b15993fabf7a97bc1e7c91cba42b9ae57c0eb48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
gzip
etag
W/"672419bc-5ee58"
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 01:14:32 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
PbvujdouArdAU0baDGOAynR7wvqUZy8ScpEqBdc1NfAIpiJeJi1pkQ==
date
Fri, 01 Nov 2024 01:14:32 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Thu, 31 Oct 2024 23:58:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
pwpc-d50fc0ee683a4c291af5da7b093bb8b94aac45a8.js
d2u1x5mhtaiaop.cloudfront.net/assets/pwpc/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/pwpc/pwpc-d50fc0ee683a4c291af5da7b093bb8b94aac45a8.js
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:ea00:10:b51d:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
aa369b8bbb395d0e885968fc51c990ada37417a2e025d652c0dff68047c5c546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
gzip
etag
W/"672419bc-990d"
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 01:14:32 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
MnkEhJ8lOVidc2A80Dp-oz6kFev821I4HXDIuH6BwRqTumMDVRfj4g==
date
Fri, 01 Nov 2024 01:14:32 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 31 Oct 2024 23:58:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
disable-element.js
unpkg.com/htmx.org@1.9.12/dist/ext/
Redirect Chain
  • https://unpkg.com/htmx.org/dist/ext/disable-element.js
  • https://unpkg.com/htmx.org@1.9.12/dist/ext/disable-element.js
648 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/htmx.org@1.9.12/dist/ext/disable-element.js
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28de397d6b2cf85659dc6a2322bbdbed9eb615cb6d98c6f00b08922dfea7de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"288-QxoWFyjd1iEQuzOqMj2SraGZrl0"
age
5690342
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 01:14:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J691W518HK0XATEP6WBPCQ45-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8db807541dd1d9da-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/htmx.org@1.9.12/dist/ext/disable-element.js
content-encoding
br
cf-cache-status
EXPIRED
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8db80751dbe7d9da-FRA
access-control-allow-origin
*
date
Fri, 01 Nov 2024 01:14:32 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JBJMKKSNAJ0SXHJA0TYWXVG1-fra
server
cloudflare
globaljs.js
adawidget.zambezimarketing.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adawidget.zambezimarketing.com/globaljs.js
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
4626216257abdfcf254a4e46d57fbc988a7d378285a17a03637399ed71330e47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
public, max-age=2592000
content-encoding
br
expires
Sun, 01 Dec 2024 01:14:32 GMT
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
722
date
Fri, 01 Nov 2024 01:14:32 GMT
content-type
application/javascript
last-modified
Thu, 18 Jul 2019 19:02:57 GMT
vary
Accept-Encoding
server
LiteSpeed
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat&family=Playfair+Display&family=Roboto+Condensed&display=swap
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3412e4091d7fd0612eda254ebd3b15155a450fbed8fbbfaf19f3a9c8d80b49d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 01:14:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:32 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 01 Nov 2024 01:14:32 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
dji_0231-2-hdr.820x540.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/dji_0231-2-hdr.820x540.webp?qyfc6
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
beb797c589b020f2adb03baac6a7c9916b82d77bfd9915186d08b9c1ca7ca954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"63ec16ac-1c8c0"
age
375625
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 16:54:08 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
IlnOxk2WfVXCz-eW67BKWQE0zxhE2SCfeAEYp-f33dxBw5cu-J6qLQ==
date
Sun, 27 Oct 2024 16:54:08 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Tue, 14 Feb 2023 23:18:04 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
116928
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
danfords-hotel-marina-spa.png
d2u1x5mhtaiaop.cloudfront.net/assets/files/1/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/1/danfords-hotel-marina-spa.png?zye6j
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:ea00:10:b51d:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
1335dc730a44d24825a8f04327cf8fec139dce98843ecdcbac8bc9c3046a0dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"64d2b9d1-2a57"
age
2092027
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 20:07:25 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
SByRcyjjBK1F51lp6txpQa-l-rDqjN5EWtoWI83UBauYbB0M2HjIqw==
date
Mon, 07 Oct 2024 20:07:25 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Tue, 08 Aug 2023 21:55:29 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
10839
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
danfords_hotel_marina.png
d2u1x5mhtaiaop.cloudfront.net/assets/files/1/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/1/danfords_hotel_marina.png?zye41
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:ea00:10:b51d:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
22f8918321f57abeeac87ea2de625cad49cc5a1553df44b65dd0e3d356c0aab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"64d2b977-152b"
age
753668
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 07:53:24 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
gOq4A8tgK8b7oxZpXMEl-MAnB-JhjlfHNiMGjDDeiOZgPDE4LFNo5w==
date
Wed, 23 Oct 2024 07:53:24 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Tue, 08 Aug 2023 21:53:59 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5419
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
gift-card.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/1/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/1/gift-card.webp
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:ea00:10:b51d:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
1406055c6d44a6bfea0def853f241d09a116efe755e75a49d8931f29479a7df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"6549746e-715e"
age
965472
x-content-type-options
nosniff
expires
Tue, 19 Nov 2024 21:03:19 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
YFQPKKwS4owEbnaBSWpcAFI1evrIs8Wwez7UjtcXlbxff-ZbbkgMiA==
date
Sun, 20 Oct 2024 21:03:19 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Mon, 06 Nov 2023 23:19:10 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
29022
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
platform.js
static.elfsight.com/platform/
Redirect Chain
  • https://apps.elfsight.com/p/platform.js
  • https://static.elfsight.com/platform/platform.js
48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

x-envoy-upstream-healthchecked-cluster
content-encoding
gzip
cf-cache-status
HIT
etag
W/"9cb6cdfa853ae05f7abcff41c1cfd0af"
age
1616
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 01 Nov 2024 01:14:33 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 05:32:12 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
priority
u=3,i=?0
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
strict-transport-security
max-age=0
cache-control
max-age=3600
x-amz-request-id
tx000009816f5853648b0a3-006698eb70-5ac52b6e-sfo2a
cf-ray
8db80759efe3e50a-TXL
server
cloudflare

Redirect headers

strict-transport-security
max-age=0
cache-control
max-age=3600
location
https://static.elfsight.com/platform/platform.js
cf-ray
8db807578c3ce50a-TXL
expires
Fri, 01 Nov 2024 02:14:33 GMT
alt-svc
h3=":443"; ma=86400
content-length
167
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
shop.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/1/shop.webp
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
0d46dd0b7114c4df88a9639a6012299f91527d7218ea61eaec971482e7141858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"64ed34c2-4bc8"
age
753644
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 07:53:49 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
IOJssARC26nMuQlZxbSG3sYp32fRWh8qrwbG6U7ULacebOQxZ32cag==
date
Wed, 23 Oct 2024 07:53:49 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Mon, 28 Aug 2023 23:58:58 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
19400
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
cdn.min.js
unpkg.com/alpinejs@3.14.3/dist/
Redirect Chain
  • https://unpkg.com/alpinejs
  • https://unpkg.com/alpinejs@3.14.3
  • https://unpkg.com/alpinejs@3.14.3/dist/cdn.min.js
44 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/alpinejs@3.14.3/dist/cdn.min.js
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
689f513978d11d69f4d33794f7296c9a586a2e55de79bb447cddbc3f474f9f07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"aefb-R6i+gIPjatYPNnhWV9PvyY0o02Q"
age
247430
x-content-type-options
nosniff
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JBB8MNHTZ96AF4YDM8M05AB4-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8db80759fbb1d9da-FRA
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
location
/alpinejs@3.14.3/dist/cdn.min.js
content-encoding
br
cf-cache-status
HIT
age
247201
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8db80757b930d9da-FRA
access-control-allow-origin
*
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JBB8VMX0K0RD55NRVCMTNCD4-fra
server
cloudflare
pwpc-9dd837ea34881ed081d9133c1fac7bef74246ec9.js
d2u1x5mhtaiaop.cloudfront.net/assets/pwpc/ 		379 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/pwpc/pwpc-9dd837ea34881ed081d9133c1fac7bef74246ec9.js
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:ea00:10:b51d:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
7430ed05d434762ecd13cdc37c61f5695205c4824d1c1643d18d0a2e5204af6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
gzip
etag
W/"672419bc-5ebb8"
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 01:14:33 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
I45k0MpJ60ZUa8dyzVd6SxbMZiXrpYbsfR4kXx2GxOSPzKjGw3NBGQ==
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 31 Oct 2024 23:58:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
lnr-icons.css
d2u1x5mhtaiaop.cloudfront.net/templates/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/templates/css/lnr-icons.css
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:ea00:10:b51d:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
52aace43c4f3dfc35c14c158e84c2889ee4bb4f4e3278e739c29895e5aefe02b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
gzip
etag
W/"6713bd10-227c"
age
1021326
x-content-type-options
nosniff
expires
Tue, 19 Nov 2024 05:32:26 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
L3s75RAemHiBI--ZUMCnybVEaaz_--F1ei52mfxFJv85vMOVkvyiGQ==
date
Sun, 20 Oct 2024 05:32:26 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Sat, 19 Oct 2024 14:07:12 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
checkUser
adawidget.zambezimarketing.com/api/ 		70 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adawidget.zambezimarketing.com/api/checkUser
Requested by
Host: adawidget.zambezimarketing.com
URL: https://adawidget.zambezimarketing.com/globaljs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
cd98baff7682c3e483df27c9d1ff22bdee9ce3aeb83959559cc45ae0981b3364

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.danfords.com/

Response headers

cache-control
no-cache, private
content-encoding
br
access-control-allow-credentials
1
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
x-ratelimit-remaining
59
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:32 GMT
x-ratelimit-limit
60
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
LiteSpeed
access-control-allow-headers
*
gtm.js
www.googletagmanager.com/ 		298 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NJRFSNV
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
398fe26a643bb2cd0cd98d956cbebe7e2171c28d6555982c6a8936ee76ac880c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 01 Nov 2024 01:14:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104510
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		293 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WWHHL7HD
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b593114cd342aec3e483228e809aa38649a3fd5f03cf30fc6bb105178fe340c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 01 Nov 2024 01:14:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102860
x-xss-protection
0
server
Google Tag Manager
danfords-hotel-marina-spa.png
d2u1x5mhtaiaop.cloudfront.net/assets/files/1/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/1/danfords-hotel-marina-spa.png?zye6j
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:ea00:10:b51d:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
1335dc730a44d24825a8f04327cf8fec139dce98843ecdcbac8bc9c3046a0dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"64d2b9d1-2a57"
age
2092027
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 20:07:25 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
SByRcyjjBK1F51lp6txpQa-l-rDqjN5EWtoWI83UBauYbB0M2HjIqw==
date
Mon, 07 Oct 2024 20:07:25 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Tue, 08 Aug 2023 21:55:29 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
10839
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
danfords_hotel_marina.png
d2u1x5mhtaiaop.cloudfront.net/assets/files/1/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/1/danfords_hotel_marina.png?zye41
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:ea00:10:b51d:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
22f8918321f57abeeac87ea2de625cad49cc5a1553df44b65dd0e3d356c0aab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"64d2b977-152b"
age
753668
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 07:53:24 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
gOq4A8tgK8b7oxZpXMEl-MAnB-JhjlfHNiMGjDDeiOZgPDE4LFNo5w==
date
Wed, 23 Oct 2024 07:53:24 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Tue, 08 Aug 2023 21:53:59 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
5419
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
page6.jpg
www.danfords.com/site/assets/files/1/ 		97 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.danfords.com/site/assets/files/1/page6.jpg
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.138.220.154 Atlanta, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
155.138.220.154.vultrusercontent.com
Software
nginx-rc /
Resource Hash
b9f37d19a0fdeb6fd70d31eaa2c7eaf3039af9266661a4cbcfba394ea5d026d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
content-encoding
br
etag
W/"63473bc8-18444"
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 01:14:33 GMT
date
Fri, 01 Nov 2024 01:14:33 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 12 Oct 2022 22:12:24 GMT
server
nginx-rc
vary
Accept-Encoding
panel-bg.jpg
www.danfords.com/site/assets/files/1/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.danfords.com/site/assets/files/1/panel-bg.jpg
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.138.220.154 Atlanta, United States, ASN20473 (AS-VULTR, US),
Reverse DNS
155.138.220.154.vultrusercontent.com
Software
nginx-rc /
Resource Hash
cd3a9f6af81c5d8f54cdf18bc726d879cec21ec9161e8a5e55f3420f0d43bcfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
content-encoding
br
etag
W/"6347810d-5889"
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 01:14:33 GMT
date
Fri, 01 Nov 2024 01:14:33 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Thu, 13 Oct 2022 03:07:57 GMT
server
nginx-rc
vary
Accept-Encoding
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&family=Playfair+Display&family=Roboto+Condensed&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.danfords.com
Referer
https://fonts.googleapis.com/

Response headers

age
122058
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:20:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:20:15 GMT
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20824
x-xss-protection
0
server
sffe
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&family=Playfair+Display&family=Roboto+Condensed&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.danfords.com
Referer
https://fonts.googleapis.com/

Response headers

age
120954
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:38:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:38:39 GMT
last-modified
Wed, 13 Sep 2023 22:46:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14940
x-xss-protection
0
server
sffe
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&family=Playfair+Display&family=Roboto+Condensed&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.danfords.com
Referer
https://fonts.googleapis.com/

Response headers

age
121568
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:28:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:28:25 GMT
last-modified
Wed, 31 Jan 2024 23:15:04 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21904
x-xss-protection
0
server
sffe
dji_0231-2-hdr.820x540.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/ 		114 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/dji_0231-2-hdr.820x540.webp?qyfc6
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
beb797c589b020f2adb03baac6a7c9916b82d77bfd9915186d08b9c1ca7ca954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"63ec16ac-1c8c0"
age
375625
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 16:54:08 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
IlnOxk2WfVXCz-eW67BKWQE0zxhE2SCfeAEYp-f33dxBw5cu-J6qLQ==
date
Sun, 27 Oct 2024 16:54:08 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Tue, 14 Feb 2023 23:18:04 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
116928
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
11-cdav5645.350x200.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/11-cdav5645.350x200.webp?p4ww5
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
329567bb8a52b39b285b4dc5f4a3d5dcbcd7b1bc17a12140d0001d93563e15b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"63bd730b-3170"
age
381011
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 15:24:22 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pRPUWKk6lCxna_VBgYe2Lxdaw7Bc2g-UVE7VFAP1Xx-wIfBSlKIcEQ==
date
Sun, 27 Oct 2024 15:24:22 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Tue, 10 Jan 2023 14:15:39 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12656
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
102-3x2a8471.350x200.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/102-3x2a8471.350x200.webp?p4wwa
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
b13dd574f0e4a31c81d649b36f1126f01fa438fee3628af1f8ccb6fa22264c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"63bd7310-3df4"
age
381011
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 15:24:22 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ZvetXi-0ZpbK7thW4XLoPq6fi91_xosbxjYsz9AYqF7EFwn3KRbTfw==
date
Sun, 27 Oct 2024 15:24:22 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Tue, 10 Jan 2023 14:15:44 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
15860
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
dji_0709-hdr.350x200.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/dji_0709-hdr.350x200.webp?kj92p
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
93c10ab3f633e87e0aefa48d29aa35669f6dc8c92e0b50ce5253b861dd3a0993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"63478337-68ca"
age
375625
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 16:54:08 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Iol6BMRE8S0bCvUEeh8ui6RCj8UE4ajklkzq24CJthC7EQE--_49UA==
date
Sun, 27 Oct 2024 16:54:08 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Thu, 13 Oct 2022 03:17:11 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
26826
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
224-3x2a9284.350x200.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/224-3x2a9284.350x200.webp?p4wza
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
340823a6ec2bcc4992c0eb995e0e6ab0dafe86586db2ddd210c0b97d194e538b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"63bd737c-26c4"
age
2351176
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 20:08:17 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pxfZaULQ0PzsMo1KucTYj_xpQNZOTEgzGAd07lNh8V7l1JkG5qEa_g==
date
Fri, 04 Oct 2024 20:08:17 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Tue, 10 Jan 2023 14:17:32 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9924
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
101-3x2a8467.350x200.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9874/101-3x2a8467.350x200.webp?p4wzc
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
a347d96a3a8322f7aa39353d876ca0d8c2aff2e9aebc6fe6cabe41683e598ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"63bd737e-4ed6"
age
752137
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 08:18:56 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
J9sk-2kXzl5BX-pEqAPVGGA-A5dBZ-rVwROU8tL1mPhexbiwm3wz1Q==
date
Wed, 23 Oct 2024 08:18:56 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Tue, 10 Jan 2023 14:17:34 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
20182
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
23-3x2a1941.500x500.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/10070/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/10070/23-3x2a1941.500x500.webp?ozbi9
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
a69d59ed08a48ca20dc19b0723eda2fa39774953473d584c9d3da87c8ce8823d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"63b97787-12f04"
age
375625
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 16:54:08 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pPVBX0VEJ2yfUlAbR-qSinRbxEMj-JGPC8G1X8JxqE4BFCAVvRH2Fg==
date
Sun, 27 Oct 2024 16:54:08 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Sat, 07 Jan 2023 13:45:43 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
77572
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
267-3x2a9608.500x500.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/10070/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/10070/267-3x2a9608.500x500.webp?ozbic
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
5c5b37b7cf1aa52932e9fbfbc0ca20331c33dc4b1fe1d6c7926962cbaea54438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"63b9778a-d712"
age
2217916
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 09:09:17 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
aCTt8yfhFhLRLpsTndRd5Tf7Wf0nnrRQ1I-FTt6zPZmH7SQTOTLE7w==
date
Sun, 06 Oct 2024 09:09:17 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Sat, 07 Jan 2023 13:45:46 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
55058
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
home.mp4
d2u1x5mhtaiaop.cloudfront.net/assets/files/10086/ 		10 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/10086/home.mp4
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc / ProcessWire CMS, ProCache
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.danfords.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"be57ef-5eae12cefaf80"
age
6605
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Uh_nn3Y-y0Agic_YraAkzWOoRCu_qz8bI5M8btHKkYlzB39WJDSxxg==
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
video/mp4
last-modified
Thu, 13 Oct 2022 02:22:06 GMT
x-pwpc
ProCache
x-frame-options
SAMEORIGIN, SAMEORIGIN
Content-Range
bytes 0-12474350/12474351
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
Content-Length
12474351
x-xss-protection
1; mode=block, 1; mode=block
x-amz-cf-pop
MUC50-P3
x-powered-by
ProcessWire CMS, ProCache
server
nginx-rc
platform.js
static.elfsight.com/platform/
Redirect Chain
  • https://apps.elfsight.com/p/platform.js
  • https://static.elfsight.com/platform/platform.js
48 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

x-envoy-upstream-healthchecked-cluster
content-encoding
gzip
cf-cache-status
HIT
etag
W/"9cb6cdfa853ae05f7abcff41c1cfd0af"
age
1616
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 01 Nov 2024 01:14:33 GMT
x-rgw-object-type
Normal
content-type
application/javascript
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 11 Jun 2024 05:32:12 GMT
priority
u=3,i=?0
cache-control
max-age=3600
x-amz-request-id
tx000009816f5853648b0a3-006698eb70-5ac52b6e-sfo2a
cf-ray
8db80759efe3e50a-TXL
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://static.elfsight.com/platform/platform.js
cf-ray
8db807578c3ce50a-TXL
expires
Fri, 01 Nov 2024 02:14:33 GMT
alt-svc
h3=":443"; ma=86400
content-length
167
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
truncated
/ 		180 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77557063a3d7a025c58339c6c5bea878c3f63e24dbe9a030327948ed81c5dd7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=UTF-8
acam5181_1_2.2000x1334.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9870/ 		534 KB
534 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9870/acam5181_1_2.2000x1334.webp?1lp92t
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
a96928918a955acc0c64aef0c99d9e63e29786d9c8979413b45387c1078fc83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"67000dbb-856fe"
age
375625
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 16:54:08 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ykmxZFvZI3sj9RxEs4LrdII4K2WvSSyJmd6LCCbpImkC5RbRL1TZyA==
date
Sun, 27 Oct 2024 16:54:08 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 15:46:03 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
546558
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
boutique_hotel_port_jefferson_ny.2000x1333.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9867/ 		345 KB
345 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9867/boutique_hotel_port_jefferson_ny.2000x1333.webp?1fqih1
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
4c411051f57c26305f389dc68960983741cbbfaf0ffacc2428e1571bc1c65278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"66672d8b-56338"
age
375625
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 16:54:08 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
tCVqBvHyRjFn1t4cmZ-G9kT7wT0B0UzZICkPodCdqj33u0wcgSrhVw==
date
Sun, 27 Oct 2024 16:54:08 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Mon, 10 Jun 2024 16:44:59 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
353080
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
2-cdav5542.2000x1334.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/11660/ 		333 KB
333 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/11660/2-cdav5542.2000x1334.webp?124dua
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
588a19857e94dd5701a7b333f5d917ba9655c19a0af1776941a25c566377c5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"650a3f98-53302"
age
375625
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 16:54:08 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
MLth7OHxWX2tQbIFKmDRnUrQ4xTJU8MHu1s1c_XJPqtSQlRH9EGBog==
date
Sun, 27 Oct 2024 16:54:08 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Wed, 20 Sep 2023 00:40:56 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
340738
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
icon1.png
adawidget.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adawidget.com/img/icon1.png
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
e55051ce22585a88c31c0cbb6ffd50b9fafcad4d3fc622837a6a06debe4f109e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
public, max-age=2592000
expires
Sun, 01 Dec 2024 01:14:33 GMT
accept-ranges
bytes
content-length
6356
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
image/png
last-modified
Thu, 13 Aug 2020 19:39:48 GMT
server
LiteSpeed
icon-2.png
adawidget.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adawidget.com/img/icon-2.png
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
537df509c78528c12152e53c17c667f0dada5efd1b3253d506b714ef8fe598e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
public, max-age=2592000
expires
Sun, 01 Dec 2024 01:14:33 GMT
accept-ranges
bytes
content-length
4410
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
image/png
last-modified
Mon, 02 Sep 2019 13:51:33 GMT
server
LiteSpeed
keyboard.png
adawidget.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adawidget.com/img/keyboard.png
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
a894bfe2427a383c956e7cb4ca763472cb76d549efaaa9266157f290b0e059e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
public, max-age=2592000
expires
Sun, 01 Dec 2024 01:14:33 GMT
accept-ranges
bytes
content-length
4247
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
image/png
last-modified
Mon, 02 Sep 2019 13:51:53 GMT
server
LiteSpeed
cursor.png
adawidget.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adawidget.com/img/cursor.png
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
832aa6ab42298dbfabc1988cf7682abb5b0df35aaffeea817dd4afae723e0b7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
public, max-age=2592000
expires
Sun, 01 Dec 2024 01:14:33 GMT
accept-ranges
bytes
content-length
3021
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
image/png
last-modified
Mon, 02 Sep 2019 13:52:03 GMT
server
LiteSpeed
medium-brightness-cogwheel.png
adawidget.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adawidget.com/img/medium-brightness-cogwheel.png
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
e6ad7c6ef8adf4fe83597fb4a0c35575a55bc40610d92a60dc1a51a26b7ba858

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
public, max-age=2592000
expires
Sun, 01 Dec 2024 01:14:33 GMT
accept-ranges
bytes
content-length
2208
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
image/png
last-modified
Mon, 02 Sep 2019 13:52:55 GMT
server
LiteSpeed
contrast.png
adawidget.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adawidget.com/img/contrast.png
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
4ab004994a60ce6b46ed02f78d9899d07f1a421171bf0d6b7929a950797754df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
public, max-age=2592000
expires
Sun, 01 Dec 2024 01:14:33 GMT
accept-ranges
bytes
content-length
1923
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
image/png
last-modified
Mon, 02 Sep 2019 13:53:13 GMT
server
LiteSpeed
big-text.png
adawidget.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adawidget.com/img/big-text.png
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
5c3268884b4a6584f83aa77c4d39bfaff7321eae692600f8073cc2aa72af0a2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
public, max-age=2592000
expires
Sun, 01 Dec 2024 01:14:33 GMT
accept-ranges
bytes
content-length
3087
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
image/png
last-modified
Mon, 02 Sep 2019 13:53:28 GMT
server
LiteSpeed
link-button.png
adawidget.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adawidget.com/img/link-button.png
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.91.224.204 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.zambezimarketing.com
Software
LiteSpeed /
Resource Hash
8e2701ab3ca25ffd0807d2478a0e0804dafb90240995ce3629bb5e0b50535159

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
public, max-age=2592000
expires
Sun, 01 Dec 2024 01:14:33 GMT
accept-ranges
bytes
content-length
4295
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
image/png
last-modified
Mon, 02 Sep 2019 13:53:41 GMT
server
LiteSpeed
properties.json
tpghotelsandresorts.zambezimarketing.io/ 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tpghotelsandresorts.zambezimarketing.io/properties.json
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.224.114 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc / ProcessWire CMS
Resource Hash
20cea47cc485d32b92faef3ee84b8416a25fdca59c9b49777052edcbf5f5a227
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

x-frame-options
SAMEORIGIN
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Fri, 01 Nov 2024 01:14:35 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
application/json
vary
Accept-Encoding
server
nginx-rc
x-powered-by
ProcessWire CMS
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.danfords.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1607348269.1730423674&auid=1864442463.1730423674&npa=1&gtm=45He4au0v9170632895za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&tft=1730423674269&tfd=3065&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWHHL7HD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers
destination
www.googletagmanager.com/gtag/ 		226 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-13953252&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWHHL7HD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
953f80fc284dbf9f87db3ca257aff0c2207340c324eec37833800d2001983ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 01 Nov 2024 01:14:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
82816
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		277 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11404745837&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWHHL7HD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c97aba58977f158e9682184b1c1843f304abc8d1107f75c6d9bcde119079e342
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 01 Nov 2024 01:14:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98005
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-dnC9l3Cd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 01:14:34 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-dnC9l3Cd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=4454, tp=9, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
CYXVBjWzqzUoGqCrfBABaKX+bl8cAHjDc2vICouS3g6COl5OOzPgDWFuLXFF9T5B57m1EicRRjq+8jsNE6AVsQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62068
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		386 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RBDRX5KWQ4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJRFSNV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
737ab62c5884575598897838e8792fd59feffb32c94a5f0564c37e80528ad907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 01 Nov 2024 01:14:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
129070
x-xss-protection
0
server
Google Tag Manager
wh.js
p.relay-t.io/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.relay-t.io/wh.js
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:aa00:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"53ab807de88f695459be24327e46aad6"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
wo958GtvXhdZCyJx_qj-NnP9vhKCsFSd-yz542RtctJoJ_Dc69cORg==
date
Fri, 01 Nov 2024 01:14:35 GMT
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 13:34:04 GMT
vary
Origin
x-frame-options
SAMEORIGIN
x-amz-meta-content-type
application/javascript
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4196
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		253 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-594525725
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJRFSNV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05dc6766d799f44e80160a8651bf868c53c61d03828ceccc2036c93084df63a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 01 Nov 2024 01:14:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91930
x-xss-protection
0
server
Google Tag Manager
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame CF56 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.danfords.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWHHL7HD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 01:14:34 GMT
expires
Sat, 01 Nov 2025 01:14:34 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CPaB3MP6uYkDFWOzgwcd7rEMjQ;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
13953252.fls.doubleclick.net/ Frame 81E4
Redirect Chain
  • https://13953252.fls.doubleclick.net/activityi;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
  • https://13953252.fls.doubleclick.net/activityi;dc_pre=CPaB3MP6uYkDFWOzgwcd7rEMjQ;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;ua...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://13953252.fls.doubleclick.net/activityi;dc_pre=CPaB3MP6uYkDFWOzgwcd7rEMjQ;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9189601607z89170632895za201zb9170632895;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.danfords.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13953252&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.danfords.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
377
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 01:14:35 GMT
expires
Fri, 01 Nov 2024 01:14:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 01:14:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13953252.fls.doubleclick.net/activityi;dc_pre=CPaB3MP6uYkDFWOzgwcd7rEMjQ;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9189601607z89170632895za201zb9170632895;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.danfords.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=13953252;type=dfd000;cat=dmm-r0;ord=1345593215043;npa=1;auiddc=1864442463.1730423674;ps=1;pcor=347824540;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9189601607z89170632895za201zb9170632895;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101533422~101823848~101878899~101878944~101925629;epver=2;~oref=https%3A%2F%2Fwww.danfords.com%2F?
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 01 Nov 2024 01:14:34 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"5925402842723117367"}],"aggregatable_trigger_data":[{"filters":[{"14":["38270708"]}],"key_piece":"0x707c5e72c4c6bff1","source_keys":["12","13","14","15","16","17","18","19","20","21","20449624","20449625","20449626","20449627","20490460","20490461","20490462","20490463","22970676","22970677","22970678","22970679","24741464","24741465","24741466","24741467","26314636","26314637","26314638","26314639"]},{"key_piece":"0x74a77b8845397e33","not_filters":{"14":["38270708"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20449624","20449625","20449626","20449627","20490460","20490461","20490462","20490463","22970676","22970677","22970678","22970679","24741464","24741465","24741466","24741467","26314636","26314637","26314638","26314639"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20449624":65,"20449625":65,"20449626":65,"20449627":6356,"20490460":54,"20490461":54,"20490462":54,"20490463":5297,"21":6356,"22970676":327,"22970677":327,"22970678":327,"22970679":31784,"24741464":59,"24741465":59,"24741466":59,"24741467":5778,"26314636":50,"26314637":50,"26314638":50,"26314639":4889},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"3104073912057276835","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5925402842723117367","filters":[{"14":["38270708"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5925402842723117367","filters":[{"14":["38270708"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5925402842723117367","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5925402842723117367","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["13953252"]}}
content-type
image/png
x-xss-protection
0
server
cafe
1659122270787509
connect.facebook.net/signals/config/ 		76 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1659122270787509?v=2.9.175&r=stable&domain=www.danfords.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
1ea79e646497031ad1f6e5865f4e471190d033ef5f891bf96c8c83f5e164ba43
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KxnodIQR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 01:14:34 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KxnodIQR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=72, mss=1232, tbw=70278, tp=65, tpl=0, uplat=158, ullat=0
pragma
public
x-fb-debug
+74jTZsiUy+J8pFTYBB8j0V3c6YvvAjseL8nQwKREu9Mt85Tcd5jYBPzahPLElpYWI9zEHI39uM8/MFlU64CZw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RBDRX5KWQ4&gtm=45je4au0v870827373z8890478718za200zb890478718&_p=1730423673249&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=978867656.1730423675&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1730423674&sct=1&seg=0&dl=https%3A%2F%2Fwww.danfords.com%2F&dt=Danfords%20Hotel%20%26%20Marina%E2%84%A2%20A%20Boutique%20Hotel%20Port%20Jefferson%20NY&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3478
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RBDRX5KWQ4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.danfords.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:35 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RBDRX5KWQ4&cid=978867656.1730423675&gtm=45je4au0v870827373z8890478718za200zb890478718&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RBDRX5KWQ4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.danfords.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:35 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RBDRX5KWQ4&cid=978867656.1730423675&gtm=45je4au0v870827373z8890478718za200zb890478718&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&tag_exp=101533422~101823848~101878899~101878944~101925629&z=163048169
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 01 Nov 2024 01:14:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=HA-75&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWHHL7HD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6d016e6ce9371f13bfa648fb8f6bae8c2fd4477421f145ef0db34bb4d0ff0d4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 01 Nov 2024 01:14:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:14:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
72581
x-xss-protection
0
server
Google Tag Manager
beat.js
p.relay-t.io/ 		21 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p.relay-t.io/beat.js?type=tg&idhotel=idH&pmsId=pms&tkraw=&tk=&ref=https%3A%2F%2Fwww.danfords.com%2F
Requested by
Host: p.relay-t.io
URL: https://p.relay-t.io/wh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:aa00:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"590efd78ccb474abbf45b795b73e37d8"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
BHNxscotZoWJFOKRKWX72HtGOrvKv7gGGjR9SRFWQalbzRCS5mfNGA==
date
Fri, 01 Nov 2024 01:14:35 GMT
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 13:34:05 GMT
vary
Origin
x-frame-options
SAMEORIGIN
x-amz-meta-content-type
application/javascript
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
21
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
234455939072936
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/234455939072936?v=2.9.175&r=stable&domain=www.danfords.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C200%2C199%2C201%2C206%2C207%2C208%2C204%2C196%2C132%2C134%2C163%2C195%2C197%2C122%2C157%2C145%2C151%2C129%2C232%2C116%2C126%2C127%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
62f0bf6bb8adcd9cb1c3fa16ce6887c62d5209271656018119c201fdcd7aa51e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-kJjdfuf3' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 01:14:35 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-kJjdfuf3' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=86, mss=1232, tbw=86470, tp=81, tpl=0, uplat=72, ullat=0
pragma
public
x-fb-debug
ADFEf13OJ80r6w8QoopNS7C2/JP2xZm4QuFBQzsBfcQsbLu5mxS4itDcMaIXNatFESpkqd183VM4SymZb7iHJQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1659122270787509&ev=PageView&dl=https%3A%2F%2Fwww.danfords.com%2F&rl=&if=false&ts=1730423674934&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12318&fbp=fb.1.1730423674915.818364145772663829&cs_est=true&ler=empty&cdl=API_unavailable&it=1730423674621&coo=false&rqm=GET
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1297, tbw=3002, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 01 Nov 2024 01:14:35 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1659122270787509&ev=PageView&dl=https%3A%2F%2Fwww.danfords.com%2F&rl=&if=false&ts=1730423674934&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12318&fbp=fb.1.1730423674915.818364145772663829&cs_est=true&ler=empty&cdl=API_unavailable&it=1730423674621&coo=false&rqm=FGET
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432113092843348627"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 01:14:35 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432113092843348627", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
dXb2GK9ciPqd3BjQvFdUEm6HV/YxQeO8wlyaKNJWaxCHAjOaCmoTnsDr31gb7/T4nlcwQDkXxLaxtB746iZycw==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=19, mss=1297, tbw=3435, tp=-1, tpl=-1, uplat=180, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=234455939072936&ev=PageView&dl=https%3A%2F%2Fwww.danfords.com%2F&rl=&if=false&ts=1730423675099&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12318&fbp=fb.1.1730423674915.818364145772663829&ler=empty&cdl=API_unavailable&it=1730423674621&coo=false&rqm=GET
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1297, tbw=3284, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 01 Nov 2024 01:14:35 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=234455939072936&ev=PageView&dl=https%3A%2F%2Fwww.danfords.com%2F&rl=&if=false&ts=1730423675099&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12318&fbp=fb.1.1730423674915.818364145772663829&ler=empty&cdl=API_unavailable&it=1730423674621&coo=false&rqm=FGET
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432113092881195967"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 01:14:35 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
YtPQBC+coWBIKCTHwkykfCB1BP/1j//hSG+H46MQ6T8Z7nrZm+75jRjiYh2XHW9DDheiLzEUdpSm8ZIw49GJHA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432113092881195967", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=19, mss=1297, tbw=6475, tp=-1, tpl=-1, uplat=295, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
labor_day_flash_sale_offer_cover_448_x_336_px_2.350x450.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/12450/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/12450/labor_day_flash_sale_offer_cover_448_x_336_px_2.350x450.webp
Requested by
Host: www.danfords.com
URL: https://www.danfords.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
1080b1be6653b1dad2953fb69e6912d9759a0a528dd5ae1879640fcd6dbdf384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"66e1c7e5-9cf4"
age
2217928
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 09:09:07 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
MFb0D5-CPY9HV76k5tBHxVggqrte3x0OLbQ2-ZwzNw_EHDkjNhwEdQ==
date
Sun, 06 Oct 2024 09:09:07 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Wed, 11 Sep 2024 16:40:05 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
40180
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
favi.png
d2u1x5mhtaiaop.cloudfront.net/assets/files/1/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/1/favi.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
bc89fa53a51ddd089ce1dea5dd74b519e484fb02ed1350cb9b2e84577a8938cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"64d2bbe5-40c"
age
965506
x-content-type-options
nosniff
expires
Tue, 19 Nov 2024 21:02:49 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
SHbF03H2fwpaIt5_K07afxv6G3fa98kx3iwdiaYu3xORawz3r51GRA==
date
Sun, 20 Oct 2024 21:02:49 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Tue, 08 Aug 2023 22:04:21 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1036
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
164-111a8465.2000x1333.webp
d2u1x5mhtaiaop.cloudfront.net/assets/files/9871/ 		846 KB
847 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/9871/164-111a8465.2000x1333.webp?1lp9ch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc /
Resource Hash
3db6b419434da72f930b6d3b757c37321bf35e786fb8602647ef41efde00a1b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.danfords.com/

Response headers

etag
"67000f17-d38fc"
age
2284902
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 14:32:55 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
htAEqvfJvbyHJQOs2RDHgDt6BWDxZFdz1vJojcI5PPYpm6ErEU1MHA==
date
Sat, 05 Oct 2024 14:32:55 GMT
content-type
image/webp
vary
Accept-Encoding
last-modified
Fri, 04 Oct 2024 15:51:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
866556
x-xss-protection
1; mode=block
x-amz-cf-pop
MUC50-P3
server
nginx-rc
home.mp4
d2u1x5mhtaiaop.cloudfront.net/assets/files/10086/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://d2u1x5mhtaiaop.cloudfront.net/assets/files/10086/home.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.173.161.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-161-138.muc50.r.cloudfront.net
Software
nginx-rc / ProcessWire CMS, ProCache
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.danfords.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=10485760-

Response headers

etag
"be57ef-5eae12cefaf80"
age
6605
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Uh_nn3Y-y0Agic_YraAkzWOoRCu_qz8bI5M8btHKkYlzB39WJDSxxg==
date
Fri, 01 Nov 2024 01:14:33 GMT
content-type
video/mp4
last-modified
Thu, 13 Oct 2022 02:22:06 GMT
x-pwpc
ProCache
x-frame-options
SAMEORIGIN, SAMEORIGIN
Content-Range
bytes 10485760-12474350/12474351
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
accept-ranges
bytes
Content-Length
1988591
x-xss-protection
1; mode=block, 1; mode=block
x-amz-cf-pop
MUC50-P3
x-powered-by
ProcessWire CMS, ProCache
server
nginx-rc

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| htmx object| __config object| _0xf66b function| _0x3873 object| xhttp object| dataLayer function| adjustMargin function| adjustNavs function| getScrollPercent function| throttle function| debounce function| startVideos function| UIkit function| UIkitIcons function| $ function| jQuery function| zambeziModal string| script_text object| t object| __core-js_shared__ object| core object| eapps object| Alpine object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal function| gtag function| w_pLB function| w_insertTagFac function| w_getDomainR function| w_getUrlParams function| w_getUrlParams_f function| w_getUrlParams_f2 function| w_putC number| wh_inter function| check_idH function| _b_i_h

7 Cookies

Domain/Path Name / Value
.danfords.com/ Name: _gcl_au
Value: 1.1.1864442463.1730423674
.danfords.com/ Name: _ga_RBDRX5KWQ4
Value: GS1.1.1730423674.1.0.1730423674.60.0.0
.danfords.com/ Name: _ga
Value: GA1.1.978867656.1730423675
.danfords.com/ Name: _fbp
Value: fb.1.1730423674915.818364145772663829
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUm0bHoGpOYsW4pgd0GoX-CcobLTIT5-0c9nfY8uXWDytpgscOA3oCrvynvgTJc
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13953252.fls.doubleclick.net
ad.doubleclick.net
adawidget.com
adawidget.zambezimarketing.com
apps.elfsight.com
connect.facebook.net
d2u1x5mhtaiaop.cloudfront.net
danfords.com
fonts.googleapis.com
fonts.gstatic.com
p.relay-t.io
region1.analytics.google.com
static.elfsight.com
stats.g.doubleclick.net
tpgdanfords.com
tpghotelsandresorts.zambezimarketing.io
unpkg.com
www.danfords.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
142.250.181.230
142.250.184.200
142.250.186.166
142.250.186.67
142.250.186.99
15.197.225.128
155.138.220.154
157.240.0.6
161.35.224.114
172.217.18.4
172.67.22.83
18.173.161.138
2001:4860:4802:34::36
2600:9000:2250:aa00:1d:40aa:1fc0:93a1
2600:9000:26db:ea00:10:b51d:2640:21
2606:4700::6811:f6cb
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9a
2a03:2880:f177:185:face:b00c:0:25de
64.91.224.204
05dc6766d799f44e80160a8651bf868c53c61d03828ceccc2036c93084df63a8
0d46dd0b7114c4df88a9639a6012299f91527d7218ea61eaec971482e7141858
1080b1be6653b1dad2953fb69e6912d9759a0a528dd5ae1879640fcd6dbdf384
1335dc730a44d24825a8f04327cf8fec139dce98843ecdcbac8bc9c3046a0dc6
13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a
1406055c6d44a6bfea0def853f241d09a116efe755e75a49d8931f29479a7df0
1ea79e646497031ad1f6e5865f4e471190d033ef5f891bf96c8c83f5e164ba43
20cea47cc485d32b92faef3ee84b8416a25fdca59c9b49777052edcbf5f5a227
22f8918321f57abeeac87ea2de625cad49cc5a1553df44b65dd0e3d356c0aab9
329567bb8a52b39b285b4dc5f4a3d5dcbcd7b1bc17a12140d0001d93563e15b7
340823a6ec2bcc4992c0eb995e0e6ab0dafe86586db2ddd210c0b97d194e538b
3412e4091d7fd0612eda254ebd3b15155a450fbed8fbbfaf19f3a9c8d80b49d7
398fe26a643bb2cd0cd98d956cbebe7e2171c28d6555982c6a8936ee76ac880c
3db6b419434da72f930b6d3b757c37321bf35e786fb8602647ef41efde00a1b6
40902b4a8287ef38734895f75b15993fabf7a97bc1e7c91cba42b9ae57c0eb48
4626216257abdfcf254a4e46d57fbc988a7d378285a17a03637399ed71330e47
4ab004994a60ce6b46ed02f78d9899d07f1a421171bf0d6b7929a950797754df
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4c411051f57c26305f389dc68960983741cbbfaf0ffacc2428e1571bc1c65278
51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb
52aace43c4f3dfc35c14c158e84c2889ee4bb4f4e3278e739c29895e5aefe02b
537df509c78528c12152e53c17c667f0dada5efd1b3253d506b714ef8fe598e0
588a19857e94dd5701a7b333f5d917ba9655c19a0af1776941a25c566377c5d4
5c3268884b4a6584f83aa77c4d39bfaff7321eae692600f8073cc2aa72af0a2e
5c5b37b7cf1aa52932e9fbfbc0ca20331c33dc4b1fe1d6c7926962cbaea54438
62f0bf6bb8adcd9cb1c3fa16ce6887c62d5209271656018119c201fdcd7aa51e
689f513978d11d69f4d33794f7296c9a586a2e55de79bb447cddbc3f474f9f07
6b593114cd342aec3e483228e809aa38649a3fd5f03cf30fc6bb105178fe340c
6d016e6ce9371f13bfa648fb8f6bae8c2fd4477421f145ef0db34bb4d0ff0d4c
737ab62c5884575598897838e8792fd59feffb32c94a5f0564c37e80528ad907
7430ed05d434762ecd13cdc37c61f5695205c4824d1c1643d18d0a2e5204af6d
77557063a3d7a025c58339c6c5bea878c3f63e24dbe9a030327948ed81c5dd7a
7e4ad7814aa9d186be3d8cf1ea67a64e5ac170f8b72d7d135156612388dd8cff
832aa6ab42298dbfabc1988cf7682abb5b0df35aaffeea817dd4afae723e0b7d
8e2701ab3ca25ffd0807d2478a0e0804dafb90240995ce3629bb5e0b50535159
93c10ab3f633e87e0aefa48d29aa35669f6dc8c92e0b50ce5253b861dd3a0993
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
953f80fc284dbf9f87db3ca257aff0c2207340c324eec37833800d2001983ac1
a347d96a3a8322f7aa39353d876ca0d8c2aff2e9aebc6fe6cabe41683e598ebf
a69d59ed08a48ca20dc19b0723eda2fa39774953473d584c9d3da87c8ce8823d
a894bfe2427a383c956e7cb4ca763472cb76d549efaaa9266157f290b0e059e6
a96928918a955acc0c64aef0c99d9e63e29786d9c8979413b45387c1078fc83c
aa369b8bbb395d0e885968fc51c990ada37417a2e025d652c0dff68047c5c546
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b13dd574f0e4a31c81d649b36f1126f01fa438fee3628af1f8ccb6fa22264c45
b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd
b9f37d19a0fdeb6fd70d31eaa2c7eaf3039af9266661a4cbcfba394ea5d026d1
bc89fa53a51ddd089ce1dea5dd74b519e484fb02ed1350cb9b2e84577a8938cb
beb797c589b020f2adb03baac6a7c9916b82d77bfd9915186d08b9c1ca7ca954
c97aba58977f158e9682184b1c1843f304abc8d1107f75c6d9bcde119079e342
cd3a9f6af81c5d8f54cdf18bc726d879cec21ec9161e8a5e55f3420f0d43bcfc
cd98baff7682c3e483df27c9d1ff22bdee9ce3aeb83959559cc45ae0981b3364
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
d28de397d6b2cf85659dc6a2322bbdbed9eb615cb6d98c6f00b08922dfea7de2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55051ce22585a88c31c0cbb6ffd50b9fafcad4d3fc622837a6a06debe4f109e
e6ad7c6ef8adf4fe83597fb4a0c35575a55bc40610d92a60dc1a51a26b7ba858
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191