Submitted URL: https://auth.zanderins.com/
Effective URL: https://www.zanderins.com/
Submission: On July 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 24 IPs in 4 countries across 15 domains to perform 56 HTTP transactions. The main IP is 23.22.169.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.zanderins.com. The Cisco Umbrella rank of the primary domain is 349899.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 5th 2021. Valid for: a year.
This is the only time www.zanderins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
10 20 23.22.169.128 14618 (AMAZON-AES)
12 13.32.121.121 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.51 16509 (AMAZON-02)
1 108.138.7.58 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.138.7.118 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
1 108.138.7.79 16509 (AMAZON-02)
3 108.138.7.107 16509 (AMAZON-02)
2 3.231.128.8 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 3.68.128.83 16509 (AMAZON-02)
1 18.66.139.84 16509 (AMAZON-02)
1 52.31.78.216 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
56 24
Apex Domain
Subdomains
Transfer
35 zanderins.com
auth.zanderins.com
zanderins.com — Cisco Umbrella Rank: 264340
www.zanderins.com — Cisco Umbrella Rank: 349899
static.zanderins.com
wp.zanderins.com
2 MB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 627
script.hotjar.com — Cisco Umbrella Rank: 904
vars.hotjar.com — Cisco Umbrella Rank: 917
in.hotjar.com — Cisco Umbrella Rank: 1509
68 KB
4 getdrip.com
tag.getdrip.com — Cisco Umbrella Rank: 18763
api.getdrip.com — Cisco Umbrella Rank: 20957
4 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 362
12 KB
3 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5105
buttons-config.sharethis.com — Cisco Umbrella Rank: 5842
l.sharethis.com — Cisco Umbrella Rank: 4810
44 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5448
608 B
2 google.com
www.google.com — Cisco Umbrella Rank: 8
608 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
514 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
388 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
110 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
2 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1355
42 KB
1 cloudfront.net
d14jnfavjicsbe.cloudfront.net
29 KB
1 gstatic.com
fonts.gstatic.com
25 KB
56 15
Domain Requested by
19 www.zanderins.com 9 redirects www.zanderins.com
12 static.zanderins.com www.zanderins.com
3 www.google-analytics.com www.zanderins.com
www.google-analytics.com
3 api.getdrip.com d14jnfavjicsbe.cloudfront.net
3 bat.bing.com www.zanderins.com
bat.bing.com
2 www.google.de www.zanderins.com
2 www.google.com www.zanderins.com
2 stats.g.doubleclick.net www.google-analytics.com
2 wp.zanderins.com www.zanderins.com
2 www.facebook.com www.zanderins.com
2 connect.facebook.net www.zanderins.com
connect.facebook.net
2 fonts.googleapis.com www.zanderins.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 www.googleoptimize.com www.zanderins.com
1 script.hotjar.com static.hotjar.com
1 d14jnfavjicsbe.cloudfront.net tag.getdrip.com
1 static.hotjar.com www.zanderins.com
1 fonts.gstatic.com fonts.googleapis.com
1 tag.getdrip.com www.zanderins.com
1 platform-api.sharethis.com www.zanderins.com
1 zanderins.com 1 redirects
1 auth.zanderins.com 1 redirects
56 25
Subject Issuer Validity Valid
www.zanderins.com
Go Daddy Secure Certificate Authority - G2
2021-11-05 -
2022-11-22
a year crt.sh
static.zanderins.com
Amazon
2021-12-28 -
2023-01-26
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
sharethis.com
Amazon
2022-06-19 -
2023-07-18
a year crt.sh
*.getdrip.com
Amazon
2022-01-28 -
2023-02-26
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-04-16 -
2022-07-15
3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2022-06-10 -
2022-12-10
6 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
wp.zanderins.com
Amazon
2021-11-01 -
2022-11-29
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.de
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.zanderins.com/
Frame ID: 40A67493AB7CA3CA01FC830F15619BB0
Requests: 67 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: F1DCAF52799F4D13950B8B7CDE4EE0DE
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Zander Insurance – Endorsed By Dave Ramsey | Official Site

Page URL History Show full URLs

  1. https://auth.zanderins.com/ HTTP 302
    https://zanderins.com/ HTTP 301
    https://www.zanderins.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

56
Requests

84 %
HTTPS

54 %
IPv6

15
Domains

25
Subdomains

24
IPs

4
Countries

2306 kB
Transfer

9135 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.zanderins.com/ HTTP 302
    https://zanderins.com/ HTTP 301
    https://www.zanderins.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.zanderins.com/static/images/homepage/dave-hero-homepage.png HTTP 302
  • https://static.zanderins.com/static/images/homepage/dave-hero-homepage.png
Request Chain 10
  • https://www.zanderins.com/static/images/homepage/banner-content.png HTTP 302
  • https://static.zanderins.com/static/images/homepage/banner-content.png
Request Chain 11
  • https://www.zanderins.com/static/images/homepage/ipad-banner-content.png HTTP 302
  • https://static.zanderins.com/static/images/homepage/ipad-banner-content.png
Request Chain 12
  • https://www.zanderins.com/static/images/homepage/mobile-banner-content.png HTTP 302
  • https://static.zanderins.com/static/images/homepage/mobile-banner-content.png
Request Chain 13
  • https://www.zanderins.com/static/images/ramsey-show-logo-white.svg HTTP 302
  • https://static.zanderins.com/static/images/ramsey-show-logo-white.svg
Request Chain 14
  • https://www.zanderins.com/static/images/homepage/carrier-logos/zLogos1.svg HTTP 302
  • https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos1.svg
Request Chain 15
  • https://www.zanderins.com/static/images/homepage/carrier-logos/zLogos2.svg HTTP 302
  • https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos2.svg
Request Chain 16
  • https://www.zanderins.com/static/images/homepage/carrier-logos/zLogos3.svg HTTP 302
  • https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos3.svg
Request Chain 22
  • https://www.zanderins.com/static/js/outdatedbrowser.min.js HTTP 302
  • https://static.zanderins.com/static/js/outdatedbrowser.min.js

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.zanderins.com/
Redirect Chain
  • https://auth.zanderins.com/
  • https://zanderins.com/
  • https://www.zanderins.com/
130 KB
32 KB
Document
General
Full URL
https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a3fca3c39d2c2e18bc750c67a50f20348491ab5ea92d8da6a2558b0317d21912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Jul 2022 14:51:53 GMT
etag
"20698-ofrONqSdjPdnr3nbdAObAXfBr5I"
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
162
content-type
text/html
date
Tue, 05 Jul 2022 14:51:52 GMT
location
https://www.zanderins.com/
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
homepage.js
www.zanderins.com/_next/static/ZJ8ItCQCUkQ9lC8_2U_uL/pages/
5 MB
923 KB
Script
General
Full URL
https://www.zanderins.com/_next/static/ZJ8ItCQCUkQ9lC8_2U_uL/pages/homepage.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bc9ff20129fd65e7107f73f7683a181c94966abd22c80d2e08c3a892e6cb6835
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 19:09:00 GMT
server
nginx
etag
W/"49812e-181971e14e0"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
_app.js
www.zanderins.com/_next/static/ZJ8ItCQCUkQ9lC8_2U_uL/pages/
127 KB
39 KB
Script
General
Full URL
https://www.zanderins.com/_next/static/ZJ8ItCQCUkQ9lC8_2U_uL/pages/_app.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6653f96a30e135446a2d31d062348a741205b8d29b4c34888fe171c8c3ed160c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 19:09:00 GMT
server
nginx
etag
W/"1fa96-181971e14e0"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
0953.9723b35a2dfb7c476acb.js
www.zanderins.com/_next/static/chunks/
49 KB
14 KB
Script
General
Full URL
https://www.zanderins.com/_next/static/chunks/0953.9723b35a2dfb7c476acb.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
08a56df3fadff24745a710659bf600d95d410d7acc8c73c703f1374a4cb13c76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 19:08:59 GMT
server
nginx
etag
W/"c487-181971e10f8"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
webpack-acbca6427876e1efa55e.js
www.zanderins.com/_next/static/runtime/
2 KB
2 KB
Script
General
Full URL
https://www.zanderins.com/_next/static/runtime/webpack-acbca6427876e1efa55e.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
66861c21d852cadae40940a6fb80cac7af48c07c87ed2641af77d7056eff33ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 19:09:00 GMT
server
nginx
etag
W/"8de-181971e14e0"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
commons.e7a259eb57af8d334329.js
www.zanderins.com/_next/static/chunks/
987 KB
288 KB
Script
General
Full URL
https://www.zanderins.com/_next/static/chunks/commons.e7a259eb57af8d334329.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
949760cf8f3c2575ede46c1f81808ce78c9384e8b3981f1efc27c4ce2a560c45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 19:09:00 GMT
server
nginx
etag
W/"f6d41-181971e14e0"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
styles.79307f4dbd9712ee3ab3.js
www.zanderins.com/_next/static/chunks/
6 KB
2 KB
Script
General
Full URL
https://www.zanderins.com/_next/static/chunks/styles.79307f4dbd9712ee3ab3.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3b10e585e2ae5c3ea2848231d780abacef71b56b333bb3172955dd20cec060a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 19:09:00 GMT
server
nginx
etag
W/"1949-181971e14e0"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
main-2e06c8b20a0fe256cfbb.js
www.zanderins.com/_next/static/runtime/
113 KB
40 KB
Script
General
Full URL
https://www.zanderins.com/_next/static/runtime/main-2e06c8b20a0fe256cfbb.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c9813c2cc64b4fc84b1981e7bb13f183477c762eba1bdecc1e2cd7e2d9309708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 19:09:00 GMT
server
nginx
etag
W/"1c365-181971e14e0"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
commons.53b7ea74.chunk.css
www.zanderins.com/_next/static/chunks/
805 KB
135 KB
Stylesheet
General
Full URL
https://www.zanderins.com/_next/static/chunks/commons.53b7ea74.chunk.css
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8ade27b634105c0b258314ead388f4532b5b7a1484349d8aa32fb11319bd4878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 19:09:00 GMT
server
nginx
etag
W/"c95ef-181971e14e0"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
styles.2b9972fd.chunk.css
www.zanderins.com/_next/static/chunks/
306 KB
51 KB
Stylesheet
General
Full URL
https://www.zanderins.com/_next/static/chunks/styles.2b9972fd.chunk.css
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.169.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-169-128.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2bc3dba2a0100387750269db4a5efa89d03616cfe781b309f43a69096f8f8315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jun 2022 19:09:00 GMT
server
nginx
etag
W/"4c601-181971e14e0"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
dave-hero-homepage.png
static.zanderins.com/static/images/homepage/
Redirect Chain
  • https://www.zanderins.com/static/images/homepage/dave-hero-homepage.png
  • https://static.zanderins.com/static/images/homepage/dave-hero-homepage.png
14 KB
14 KB
Image
General
Full URL
https://static.zanderins.com/static/images/homepage/dave-hero-homepage.png
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8da2e97242b8a4271d6fab2c5db84cf098ba77962269e30eb7c7b73bfaf3803

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 07:39:39 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified
Mon, 30 Aug 2021 20:12:52 GMT
server
AmazonS3
age
803535
etag
"875009151fa2cb2cef45060661cd2ade"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
14244
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-request-id
BVCQ20M78H4SCYH4
x-amz-id-2
TGASu0z39VlsSUiEdTjS5YR7qcGx0tBu4bJJWoiNoqmLQqGOfp4/d7i8HOE88JvNncLUEkrR0/U=
x-amz-cf-id
BtP9y4UxD4Jhx6SOnSdueZnKTdID4xHxUNSHtWHOz6jd9nwBpbZ63A==

Redirect headers

date
Tue, 05 Jul 2022 14:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://static.zanderins.com/static/images/homepage/dave-hero-homepage.png
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-length
96
x-xss-protection
1; mode=block
banner-content.png
static.zanderins.com/static/images/homepage/
Redirect Chain
  • https://www.zanderins.com/static/images/homepage/banner-content.png
  • https://static.zanderins.com/static/images/homepage/banner-content.png
16 KB
16 KB
Image
General
Full URL
https://static.zanderins.com/static/images/homepage/banner-content.png
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a38ce420bbf96d7fee5cd88674cfb8faeaac522998f201f5f3897f7ab4158cd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 07:39:41 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 19:14:57 GMT
server
AmazonS3
age
803534
etag
"4e1bc6f20f6c1b5feb01d8c412cc4197"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
15896
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-request-id
CN8W2WR6NC9JJQ60
x-amz-id-2
gpl5/YJjIOPl7lbSacPIrRkUIZ0W0qKpkud+LTWR5L/OTS3n2jhnNmEq+3rkvySqzMN4jPTptuI=
x-amz-cf-id
InEO46-l-G3GtNIGPoZqAtarg2IvooQv_iti0wK8Fn0CDuQ-b38l8A==

Redirect headers

date
Tue, 05 Jul 2022 14:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://static.zanderins.com/static/images/homepage/banner-content.png
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-length
92
x-xss-protection
1; mode=block
ipad-banner-content.png
static.zanderins.com/static/images/homepage/
Redirect Chain
  • https://www.zanderins.com/static/images/homepage/ipad-banner-content.png
  • https://static.zanderins.com/static/images/homepage/ipad-banner-content.png
40 KB
40 KB
Image
General
Full URL
https://static.zanderins.com/static/images/homepage/ipad-banner-content.png
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f18c681b77d84f4fbc5a93c3667deac93709ffd9451a6e30e33ba1d4c811f237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 07:39:41 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 19:14:57 GMT
server
AmazonS3
age
803534
etag
"1530aefb1e1b7bb821bcd22a83dd8a64"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
40600
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-request-id
CN8Y620K2PAQCZJC
x-amz-id-2
aHpHdoETkh1YU9dFn7Weyv4jTMtfszyCCtKj6g7Xyai/d65yQDtT8YEYUTKqaMIUxZ7IX9fMcns=
x-amz-cf-id
7nXgvS8jHNoJR8T7tCXDne90CIBOifc6ZsS70rB3c6d5mXyOUqPMog==

Redirect headers

date
Tue, 05 Jul 2022 14:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://static.zanderins.com/static/images/homepage/ipad-banner-content.png
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-length
97
x-xss-protection
1; mode=block
mobile-banner-content.png
static.zanderins.com/static/images/homepage/
Redirect Chain
  • https://www.zanderins.com/static/images/homepage/mobile-banner-content.png
  • https://static.zanderins.com/static/images/homepage/mobile-banner-content.png
67 KB
68 KB
Image
General
Full URL
https://static.zanderins.com/static/images/homepage/mobile-banner-content.png
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5dc5fcc97894072e87333bc38b0b9dbf5dcdcc75807763c40972ee1af19fe118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 07:39:39 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 19:14:59 GMT
server
AmazonS3
age
803535
etag
"b0b598090fc6e6e2b0a7ad418c45e6f9"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
68766
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-request-id
BVCQQWPMEWMQK96G
x-amz-id-2
dldCjjLqjCXzbx2YRqqxrGdZDZV6gcZnDiD04yVLhsnmt/5VvaGAtp3vPsFgGB39YpRKdJtOQR4=
x-amz-cf-id
PjYqRSZoJyd4OuRsJmTgk9-npTS_p8DrdwyGHjd9-Z-jL6Hg6_yKnQ==

Redirect headers

date
Tue, 05 Jul 2022 14:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://static.zanderins.com/static/images/homepage/mobile-banner-content.png
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-length
99
x-xss-protection
1; mode=block
ramsey-show-logo-white.svg
static.zanderins.com/static/images/
Redirect Chain
  • https://www.zanderins.com/static/images/ramsey-show-logo-white.svg
  • https://static.zanderins.com/static/images/ramsey-show-logo-white.svg
8 KB
3 KB
Image
General
Full URL
https://static.zanderins.com/static/images/ramsey-show-logo-white.svg
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48d24dfe219bd1954bd3c515bf98dcb72500d0772f485fbfdd034be1656275d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:04:01 GMT
content-encoding
br
last-modified
Fri, 24 Jun 2022 19:09:16 GMT
server
AmazonS3
age
67673
etag
W/"bf79aef1ff9d7ab722fffba7ee596ffc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-request-id
V8SS5ZP0KSTSFC0D
x-amz-cf-id
HnG2P8X9TL9-r-x0ENvBtF_edNy64w1YuLt7WjNEo_mUBBo6oyVczw==
x-amz-id-2
tvxf466uAnZW8Lel19lVNrh5XFuesAnmUOFwLpw4lXcWS6k+/h452r74xJOnUj8fMzFVC+GHV9P4RxswIOTLxA==

Redirect headers

date
Tue, 05 Jul 2022 14:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://static.zanderins.com/static/images/ramsey-show-logo-white.svg
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-length
91
x-xss-protection
1; mode=block
zLogos1.svg
static.zanderins.com/static/images/homepage/carrier-logos/
Redirect Chain
  • https://www.zanderins.com/static/images/homepage/carrier-logos/zLogos1.svg
  • https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos1.svg
169 KB
60 KB
Image
General
Full URL
https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos1.svg
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61aa9331a4f890cb379d2482468c7db6d1cb9d9fbfe8781c1591244a4cf279f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:04:01 GMT
content-encoding
br
last-modified
Fri, 24 Jun 2022 19:09:14 GMT
server
AmazonS3
age
67673
etag
W/"7ce099234e22532f092dfda2399da624"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-request-id
V8SZFW47219MAJA8
x-amz-cf-id
vWw7QgYSfrUVqSuBcOeVjCcF4IuEMcAm0NyLxMFxu2715eUUNhZnug==
x-amz-id-2
7u//mzA1y2A+M8hit5o3hP7puScfzkgkvhAMNoPjfei95KvSWNYiSc3ydZJpd9XsMIz6UY1TlJs=

Redirect headers

date
Tue, 05 Jul 2022 14:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos1.svg
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-length
99
x-xss-protection
1; mode=block
zLogos2.svg
static.zanderins.com/static/images/homepage/carrier-logos/
Redirect Chain
  • https://www.zanderins.com/static/images/homepage/carrier-logos/zLogos2.svg
  • https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos2.svg
226 KB
78 KB
Image
General
Full URL
https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos2.svg
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa7f51d7025303ff95350a7783ce9c4a703909871000d04faaf559babb3436e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 20:04:01 GMT
content-encoding
br
last-modified
Fri, 24 Jun 2022 19:09:14 GMT
server
AmazonS3
age
67673
etag
W/"5f80b8491f2431b502b0d2711d898ee6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-request-id
V8SSDVZC2PPF4SXR
x-amz-cf-id
wIShMqNubldOK1WX4XVRNR_0ru7UNWw9ilQzxovyHv99UBxBVCF_bg==
x-amz-id-2
adbdo6U+cnX+twsYQfceVE+mTGydC6uaXlrwI72vh8cKt23HJZ9ZDRp/jJCE2Ak1+QRaO7i69Q4=

Redirect headers

date
Tue, 05 Jul 2022 14:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos2.svg
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-length
99
x-xss-protection
1; mode=block
zLogos3.svg
static.zanderins.com/static/images/homepage/carrier-logos/
Redirect Chain
  • https://www.zanderins.com/static/images/homepage/carrier-logos/zLogos3.svg
  • https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos3.svg
116 KB
87 KB
Image
General
Full URL
https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos3.svg
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66242263e832342f95fd52ad1c589a3197feebad0c6e7392f86578d96bc0e615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 10:15:47 GMT
content-encoding
br
last-modified
Fri, 24 Jun 2022 19:09:14 GMT
server
AmazonS3
age
16567
etag
W/"8b1c9681edb42bcae0a02abbbb32ba3f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-request-id
1KSQC6CQGDE98T97
x-amz-cf-id
10rpi635BH-2wzkBHj614CZiFL89l00eB6tFb3tyaWRhtfJ1FzLDrg==
x-amz-id-2
2ftq1hZENQFtlL2VpHkodE2EkOK5V7zXyKLZm5caIFWHwMKeC5xshMiCbpq5e0H1y6gyGvEl7W8=

Redirect headers

date
Tue, 05 Jul 2022 14:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://static.zanderins.com/static/images/homepage/carrier-logos/zLogos3.svg
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-length
99
x-xss-protection
1; mode=block
wholevstermlifeinsurance.png
static.zanderins.com/wp-content/uploads/2020/01/21202141/
19 KB
20 KB
Image
General
Full URL
https://static.zanderins.com/wp-content/uploads/2020/01/21202141/wholevstermlifeinsurance.png
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba5c8ce3c499ed91486b1e38246924fb514559c5fd73a61cb3ead97d4605e8f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 07:39:39 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified
Tue, 02 Nov 2021 14:52:24 GMT
server
AmazonS3
age
803535
etag
"c8a49534682ca357127fc23d2fb1457e"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
19884
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-request-id
BVCS1TS7HFC8T7P9
x-amz-id-2
IxKwFcn3dtUEMg18q5JzT6xy9B7Iyke5gdcZwFK4MgXfZK4k9TylIlPpWhnAd23p1X/j8XajUlw=
x-amz-cf-id
ffytbyTNZrMJh4CJig-96MRso2_kxC9AxwrE3R-GSmGb_TnO4fQrjw==
Who-Needs-TL-Blog-Header.png
static.zanderins.com/wp-content/uploads/2019/08/29194036/
14 KB
14 KB
Image
General
Full URL
https://static.zanderins.com/wp-content/uploads/2019/08/29194036/Who-Needs-TL-Blog-Header.png
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae3cbe7b028eeab0136fa0af81f0666bf39716864d3cfde68f0afff820234ecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 11:35:56 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified
Tue, 02 Nov 2021 14:52:24 GMT
server
AmazonS3
age
11758
etag
"542dd9b76963fc8a8bbc542c1f19d010"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
13834
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-request-id
H80JR8H2HDEYQ3V2
x-amz-id-2
pic58lWbUB6kXTx1F2BZ5AjMjFF1se0Y1R6GiCPCtjl4SNtNU+c6R+YMIH0QpAoatXkhh4E6R5Q=
x-amz-cf-id
tSOaYuc--lbHbZYiunvRRjSZE89L0Pls_CMJIFRZ7exLn-GoXeRP8Q==
How-Much-Do-You-REALLY-Need.png
static.zanderins.com/wp-content/uploads/2019/08/01162532/
18 KB
19 KB
Image
General
Full URL
https://static.zanderins.com/wp-content/uploads/2019/08/01162532/How-Much-Do-You-REALLY-Need.png
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12acde8f31f47e001d661f920b2bb82c5f5e26c5c54f006870983fdb783d5f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 07:39:39 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified
Tue, 02 Nov 2021 14:52:24 GMT
server
AmazonS3
age
803535
etag
"234bd267799aec03a9cb1f097946af07"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31536000
content-length
18686
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-request-id
BVCGD58VAA7YV8E0
x-amz-id-2
7m9qY6Pm/8rNKeTttQE0FqovaxnNg3A5Mz6NFG5dVZR/LAqNSJRA/8Gj3a3xH3pjxludl42LC6w=
x-amz-cf-id
Omy2NHHMBVelJA2KxiKvnhJx09w-5d800dVB9Uw5WhK5LgHzlnBWcA==
css
fonts.googleapis.com/
4 KB
968 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Asap:100,300,400,500,600,700
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df7c1a026b33dd065faf805f379213f6047833aba14e6768925434175be1b0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 14:51:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Jul 2022 14:51:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Jul 2022 14:51:54 GMT
css2
fonts.googleapis.com/
18 KB
995 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9bb234e613be8c55ea8d45198ec5d900d0dbdd50473dfb1aa98b354931fcf14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 14:51:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Jul 2022 14:51:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Jul 2022 14:51:54 GMT
outdatedbrowser.min.js
static.zanderins.com/static/js/
Redirect Chain
  • https://www.zanderins.com/static/js/outdatedbrowser.min.js
  • https://static.zanderins.com/static/js/outdatedbrowser.min.js
4 KB
2 KB
Script
General
Full URL
https://static.zanderins.com/static/js/outdatedbrowser.min.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Server
13.32.121.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a4b44a25eba0e4bc8e61c53a1814fcc29f5a9b3335a184deebd1c6aa426ed3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 06:00:21 GMT
content-encoding
br
last-modified
Fri, 24 Jun 2022 19:09:16 GMT
server
AmazonS3
age
31893
etag
W/"414e9a5e37cd3b0b88bde1474108ffb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-request-id
NEZZTJ9K6RMFGWY1
x-amz-cf-id
Jxfv03FaHIn2W-VQ8TEVMqvXWTyaP-k2Wk6hc9XXDzh80gzqA0dIiQ==
x-amz-id-2
eozyR4/38q/IbsIKXsJ9JZhVXggM/0lYHQpDWgnsG3IgGDLSdJUf+y7pNNoYS96wMB3qQyxWs+Q=

Redirect headers

date
Tue, 05 Jul 2022 14:51:54 GMT
x-content-type-options
nosniff
server
nginx
location
https://static.zanderins.com/static/js/outdatedbrowser.min.js
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-length
83
x-xss-protection
1; mode=block
sharethis.js
platform-api.sharethis.com/js/
187 KB
42 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
/
Resource Hash
aeef17cb37c9f11b40b147b04e3f16ee3a2fdaa90bae2d503a7e3e99399ea682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:45:29 GMT
content-encoding
gzip
vary
Accept-Encoding
age
384
etag
W/"2ed4f-4+kfuOk8lynXIin2Z82IybFv7jo"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA60-P3
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
Q8d2gwcbK9rYKJtB8Rwc7vj7VK3bOoYPvMfWFclKDt8U_mF5Z2QDlw==
9697733.js
tag.getdrip.com/
2 KB
1 KB
Script
General
Full URL
https://tag.getdrip.com/9697733.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-58.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a089b1d7d49e13065f1881caf1f4202c90bb51c835c3599bafcd9958aab9af2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:55 GMT
content-encoding
gzip
last-modified
Tue, 05 Jul 2022 14:48:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
etag
W/"9db81be1b3a1403f4ca46102067e46c2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-id
BCP71VVIKT2DeCCagKk66mWuxLuOxCG230H6tlOFYLZ-azlX_LIxGw==
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25939
x-xss-protection
0
pragma
public
x-fb-debug
UECEZ7K3Y7hJ1kLfWUb7bTIJ8F1lq3Lu0XTOP6do1Wa/6ajkO6d6+wpSRyyvP7mhrpJhiDKYp8/V/9+xxg/65g==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 05 Jul 2022 14:51:53 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 18:22:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 830FF879B762467ABACF1BB6939A8E19 Ref B: FRAEDGE1213 Ref C: 2022-07-05T14:51:53Z
etag
"0c8eafcad81d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 05 Jul 2022 14:51:53 GMT
accept-ranges
bytes
content-length
11360
1093780167393933
connect.facebook.net/signals/config/
292 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1093780167393933?v=2.9.64&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
854b0c9d590bc64f59896ceafe75ee77a79c75695b12d4d202baacd9c2f2edb1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
agf+fWUYQm/4yf+wrPeNDJIgbNJ9ReUdVj6uTQ7NTiyKorPE6ZvllzU0rs32D0h/3LwzHR30sCQiIm7wt/Lgag==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 05 Jul 2022 14:51:54 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1657032714136
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5663141.js
bat.bing.com/p/action/
0
136 B
Script
General
Full URL
https://bat.bing.com/p/action/5663141.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 904DC47EAD844B60A3AB48B3A24D75FF Ref B: FRAEDGE1213 Ref C: 2022-07-05T14:51:54Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 05 Jul 2022 14:51:53 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1093780167393933&ev=PageView&dl=https%3A%2F%2Fwww.zanderins.com%2F&rl=&if=false&ts=1657032714160&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1657032714159.1729112422&it=1657032713995&coo=false&exp=p0&rqm=GET
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 05 Jul 2022 14:51:54 GMT
truncated
/
276 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa8ace62b1aa0ca1bbaeb0f3f73648a402d953ac6a0a93874b387996a6603e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
303 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9f5871b747310fcf3d2d4b5cc772afe4a9ea2b302f8b9f6c381d50a5dde2882

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
303 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71ad165e213db4a42927287d7c7005157ead46bbe7eaa547527b208149b5f64d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d333ccbb4f7033ac3b7b206fda9739b5307a092129d7264dd8ba63ec9a996d19

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
621 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0ae0e2e5be14d1e6a875888bc09d00e04fc588f0f43f1dec49eee0c8b05d555

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4852b5086d525632aa9f948c91de249c9a9a42321064305b21565e65d1e1d51f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfbdc6af6fd2fc90392887280f0a08e922fb981c46e655cc98f0ec5e032ca31e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
316 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09a12cf661e26c554994fc433a01c217383e6ae48e68f83cc7383998b886c2d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
KFOoCniXp96ayzse4A.woff2
fonts.gstatic.com/s/asap/v24/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/asap/v24/KFOoCniXp96ayzse4A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:100,300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d731c357433b32f38555d25a1c7f516f21b6df446bbdaeeb05e6ce6d5adaca02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zanderins.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 11:06:06 GMT
x-content-type-options
nosniff
age
531948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25400
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 19:38:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 11:06:06 GMT
hotjar-1195998.js
static.hotjar.com/c/
7 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1195998.js?sv=6
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-118.fra56.r.cloudfront.net
Software
/
Resource Hash
63d4e262127b116fc4b83868b10ccfcdd12ac138c75c63ec37f20d7608e91ad9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
etag
W/b913bcf1cb1529411464c6e19335a01a
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-amz-cf-id
glDEqPHGXhETgYzbVKqjT7YmznGvBHJ5KiuXeCu4mpBv3Akrat2xzA==
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
client.js
d14jnfavjicsbe.cloudfront.net/
88 KB
29 KB
Script
General
Full URL
https://d14jnfavjicsbe.cloudfront.net/client.js
Requested by
Host: tag.getdrip.com
URL: https://tag.getdrip.com/9697733.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:b600:1e:9742:1680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cb435d9631757dce9699bd42f9cf9c27e4b93a9674170ae9d1cb378eb368f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:48:34 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 22:40:48 GMT
server
AmazonS3
age
201
etag
W/"a2daea63ec2db739cad8349e8ee224aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA60-P1
x-amz-meta-md5sum
otrqY+wttznK2DSejuIkqg==
x-amz-cf-id
Gyzcozno1v-ja-L1YFy9vJVPD0-OLxc-epBhb45ydecFFI69kqq1XQ==
modules.eaa59710f7e60ac1d235.js
script.hotjar.com/
243 KB
63 KB
Script
General
Full URL
https://script.hotjar.com/modules.eaa59710f7e60ac1d235.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1195998.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-79.fra56.r.cloudfront.net
Software
/
Resource Hash
a482008da2fe0c09824c63004a9152849f1581670c5e82fc252b9658abc9f032
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
108588
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64077
access-control-allow-origin
*
last-modified
Mon, 04 Jul 2022 08:41:34 GMT
etag
"db52ab3b370d0f21f8ed961bf7934556"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
wt2ACujYxvfCP4n4Huc8ThgLnYoSWMKqqt_kqbXY0NHKZfYnAfP22A==
visit
api.getdrip.com/client/events/
84 B
836 B
Script
General
Full URL
https://api.getdrip.com/client/events/visit?drip_account_id=9697733&referrer=&url=https%3A%2F%2Fwww.zanderins.com%2F&domain=www.zanderins.com&time_zone=UTC&enable_third_party_cookies=f&callback=Drip_748441172
Requested by
Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-107.fra56.r.cloudfront.net
Software
/
Resource Hash
7bcdf4decb61a02ede2f64bdd5856f94af3af9f61d84c44ae4c72937a22564fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:54 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
84
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
7c996ffb-fe04-47f0-97f3-18632a5c0ef3
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
UzFxuE6kIAMFodQ=
content-length
84
x-xss-protection
1; mode=block
x-request-id
5bec37f3-6a29-4b3b-a3e1-d64d532ca14e
x-runtime
0.036524
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"7bcdf4decb61a02ede2f64bdd5856f94"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Tue, 05 Jul 2022 14:51:54 GMT
x-amz-cf-id
s27IIxMmuYzOPnkmgadf0jN5WIXssg59LI2gFzmn0t3it91LBeY_hg==
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1093780167393933&ev=Microdata&dl=https%3A%2F%2Fwww.zanderins.com%2F&rl=&if=false&ts=1657032714744&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Zander%20Insurance%20%E2%80%93%20Endorsed%20By%20Dave%20Ramsey%20%7C%20Official%20Site%22%2C%22meta%3Adescription%22%3A%22Zander%20Insurance%20is%20Dave%20Ramsey%27s%20choice%20for%20term%20life%2C%20disability%2C%20and%20identity%20theft%20insurance.%20Get%20instant%20insurance%20quotes%20online.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Zander%20Insurance%20%E2%80%93%20Endorsed%20By%20Dave%20Ramsey%20%7C%20Official%20Site%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.amazonaws.com%2Fzander-marketing-stg%2Fwp-content%2Fuploads%2F2019%2F11%2F26202231%2Fog-image-zander-insurance.jpg%22%2C%22og%3Adescription%22%3A%22Zander%20Insurance%20is%20Dave%20Ramsey%27s%20choice%20for%20term%20life%2C%20disability%2C%20and%20identity%20theft%20insurance.%20Get%20instant%20insurance%20quotes%20online.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.1.1657032714159.1729112422&it=1657032713995&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 05 Jul 2022 14:51:54 GMT
main-nav-mobile
wp.zanderins.com/wp-json/menus/v1/menus/
15 KB
2 KB
Fetch
General
Full URL
https://wp.zanderins.com/wp-json/menus/v1/menus/main-nav-mobile
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/_next/static/chunks/commons.e7a259eb57af8d334329.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.128.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-128-8.compute-1.amazonaws.com
Software
nginx / PHP/7.4.30
Resource Hash
14babecd0717544d8de571e9c94cbfe58667782d223dd9d8fd8af8157905a24b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
PHP/7.4.30
vary
Origin
x-xss-protection
1
link
<https://wp.zanderins.com/wp-json/>; rel="https://api.w.org/"
allow
GET
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.zanderins.com
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
footer-nav
wp.zanderins.com/wp-json/menus/v1/menus/
7 KB
2 KB
Fetch
General
Full URL
https://wp.zanderins.com/wp-json/menus/v1/menus/footer-nav
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/_next/static/chunks/commons.e7a259eb57af8d334329.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.128.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-128-8.compute-1.amazonaws.com
Software
nginx / PHP/7.4.30
Resource Hash
75e3f142c62a09a54a5c38239ecc1036021d4c47807bd1d9e94b3e7ec7224465
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
PHP/7.4.30
vary
Origin
x-xss-protection
1
link
<https://wp.zanderins.com/wp-json/>; rel="https://api.w.org/"
allow
GET
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.zanderins.com
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/_next/static/chunks/commons.e7a259eb57af8d334329.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6426
date
Tue, 05 Jul 2022 13:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Jul 2022 15:04:49 GMT
optimize.js
www.googleoptimize.com/
110 KB
42 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-W2SDLXW
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/_next/static/runtime/main-2e06c8b20a0fe256cfbb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd0058fedf6032cecad7a2c0cafb58b518c68ae63eaf85c0614dfc923dd8744f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:55 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42331
x-xss-protection
0
expires
Tue, 05 Jul 2022 14:51:55 GMT
truncated
/
248 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1a568f4cbb3482dae9fe7229ece2b7967b4cc5f423c2965719621559d62785

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1e9bdb5c326e1382e81fcc09865d58ee809cb364ebfd0b622e24d5192e37db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
584 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31b7f44c73f5fef52822640f25dd1fc27900c9cc08d2874fe9e0da2a2747fc61

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
772007978e7c147dc33e4f8ced830610951e0a1d6def75d3550da8f247af4a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
5c507f8e80b4ba001b1eef92.js
buttons-config.sharethis.com/js/
439 B
852 B
Script
General
Full URL
https://buttons-config.sharethis.com/js/5c507f8e80b4ba001b1eef92.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04c6ee85ea2549980ca0a9b252df67de86940f60907b3c0e116c64e76e0fc44e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:56 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Mon, 11 Feb 2019 21:58:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"37d40f524624c32e5dc28b00b0f20a52"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
439
x-amz-cf-id
5L0Q_nFsqLsVo2NS-OQakVj01ldtJRpyltEsSLwD0i5vtYhzXL7ezQ==
pview
l.sharethis.com/
0
404 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=www.zanderins.com&location=%2F&product=unknown&url=https%3A%2F%2Fwww.zanderins.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Zander%20Insurance%20%E2%80%93%20Endorsed%20By%20Dave%20Ramsey%20%7C%20Official%20Site&cms=unknown&publisher=5c507f8e80b4ba001b1eef92&sop=true&version=st_sop.js&lang=en&description=Zander%20Insurance%20is%20Dave%20Ramsey%27s%20choice%20for%20term%20life%2C%20disability%2C%20and%20identity%20theft%20insurance.%20Get%20instant%20insurance%20quotes%20online.
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.128.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-128-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 05 Jul 2022 14:51:55 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
https://www.zanderins.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
track
api.getdrip.com/client/
101 B
857 B
Script
General
Full URL
https://api.getdrip.com/client/track?url=https%3A%2F%2Fwww.zanderins.com%2F&visitor_uuid=922d213920244389bf5c294301b71b5d&_action=Started%20a%20new%20session&source=drip&drip_account_id=9697733&callback=Drip_987194574
Requested by
Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-107.fra56.r.cloudfront.net
Software
/
Resource Hash
d7df4e6ab4a0c3e9fa6b74391d3dbe887894991ebb52670f38b0064cec223ee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:55 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
101
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
8480bbf7-b556-4465-aee7-a0be3932b89c
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
UzFxzHOxoAMFUhw=
content-length
101
x-xss-protection
1; mode=block
x-request-id
28a0da9b-449d-4e34-b968-7d5defb753ed
x-runtime
0.044433
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"d7df4e6ab4a0c3e9fa6b74391d3dbe88"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Tue, 05 Jul 2022 14:51:55 GMT
x-amz-cf-id
6K38BWDkPTd3TjfG6SyaAt4EqQIvgTzPi5LnFU-FolIajGG8QyXwYA==
track
api.getdrip.com/client/
101 B
852 B
Script
General
Full URL
https://api.getdrip.com/client/track?url=https%3A%2F%2Fwww.zanderins.com%2F&visitor_uuid=922d213920244389bf5c294301b71b5d&_action=Visited%20a%20page&source=drip&drip_account_id=9697733&callback=Drip_343021721
Requested by
Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-107.fra56.r.cloudfront.net
Software
/
Resource Hash
133048f00773e46658394e10c3fd7a1bc16bea48e0899f0ceb78610e2838e57b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 14:51:55 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
101
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
f8a2e796-d70a-41d1-abc0-88af81975318
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
UzFx1E2DoAMFurQ=
content-length
101
x-xss-protection
1; mode=block
x-request-id
e2b8c24f-7c6b-4f2b-8ac0-e0c6f8c1c6be
x-runtime
0.070318
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"133048f00773e46658394e10c3fd7a1b"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Tue, 05 Jul 2022 14:51:55 GMT
x-amz-cf-id
Kxsgm2ZGia-YuIQI5XrI8cavNPDnARQUT98hg76d0hm0dZqiG_hkpA==
0
bat.bing.com/action/
0
175 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5663141&Ver=2&mid=fc512422-fa41-4d66-b6a0-cfb58f281e00&sid=0348f9b0fc7211ec82fb116b523aeba1&vid=0348dd70fc7211ecb9b94de9b012b014&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Zander%20Insurance%20%E2%80%93%20Endorsed%20By%20Dave%20Ramsey%20%7C%20Official%20Site&p=https%3A%2F%2Fwww.zanderins.com%2F&r=&lt=3041&evt=pageLoad&msclkid=N&sv=1&rn=603541
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B80867B3812441CE9AE531A4FDB19C47 Ref B: FRAEDGE1213 Ref C: 2022-07-05T14:51:55Z
date
Tue, 05 Jul 2022 14:51:54 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=66424062&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zanderins.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Zander%20Insurance%20%E2%80%93%20Endorsed%20By%20Dave%20Ramsey%20%7C%20Official%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAABAAAAAC~&jid=215658988&gjid=576788314&cid=227963552.1657032715&tid=UA-25631479-7&_gid=1903992684.1657032715&_r=1&_slc=1&z=1071844798
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zanderins.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 14:51:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zanderins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=66424062&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zanderins.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Zander%20Insurance%20%E2%80%93%20Endorsed%20By%20Dave%20Ramsey%20%7C%20Official%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAABAAAAAC~&jid=513536577&gjid=2115463391&cid=227963552.1657032715&tid=UA-122329982-3&_gid=1903992684.1657032715&_r=1&_slc=1&z=2116387107
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zanderins.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 14:51:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zanderins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame F1DC
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1195998.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-84.fra60.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.zanderins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
371516
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 07:39:59 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Thu, 30 Jun 2022 14:48:22 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-amz-cf-id
qKmLUHOv-2Yc8uXuaWMqHTkPe8QnLkrZKDm5SLQoq_CZnwnSWGZHCA==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
visit-data
in.hotjar.com/api/v2/client/sites/1195998/
147 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1195998/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.eaa59710f7e60ac1d235.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.78.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-78-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer
https://www.zanderins.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 05 Jul 2022 14:51:55 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122329982-3&cid=227963552.1657032715&jid=513536577&gjid=2115463391&_gid=1903992684.1657032715&_u=IEDAAAABAAAAAC~&z=1708952074
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zanderins.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 05 Jul 2022 14:51:55 GMT
content-type
text/plain
access-control-allow-origin
https://www.zanderins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-25631479-7&cid=227963552.1657032715&jid=215658988&gjid=576788314&_gid=1903992684.1657032715&_u=IEDAAAAAAAAAAC~&z=825647935
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zanderins.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 05 Jul 2022 14:51:55 GMT
content-type
text/plain
access-control-allow-origin
https://www.zanderins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122329982-3&cid=227963552.1657032715&jid=513536577&_u=IEDAAAABAAAAAC~&z=1476769927
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 14:51:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-122329982-3&cid=227963552.1657032715&jid=513536577&_u=IEDAAAABAAAAAC~&z=1476769927
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 14:51:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-25631479-7&cid=227963552.1657032715&jid=215658988&_u=IEDAAAAAAAAAAC~&z=258694712
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 14:51:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-25631479-7&cid=227963552.1657032715&jid=215658988&_u=IEDAAAAAAAAAAC~&z=258694712
Requested by
Host: www.zanderins.com
URL: https://www.zanderins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zanderins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 14:51:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| load object| _dcq object| _dcs function| fbq function| _fbq object| uetq function| UET function| UET_init function| UET_push object| ueto_4094daeb42 function| hj object| _hjSettings object| webpackJsonp object| _dcfg object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| intlTelInputGlobals object| _dc undefined| Drip_748441172 object| __NEXT_P object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __NEXT_DATA__ function| _ object| next object| __NEXT_REDUX_STORE__ object| trackerNames string| GoogleAnalyticsObject function| ga function| outdatedBrowser function| addLoadEvent function| getBrowserVersion string| browserVersion function| addBrowserNameToClassList function| documentIsReady object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ undefined| Drip_987194574 undefined| Drip_343021721 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| dataLayer object| google_optimize object| defaultOpts undefined| bkgColor undefined| txtColor string| cssProp undefined| languagePath

15 Cookies

Domain/Path Name / Value
.bing.com/ Name: MUID
Value: 3D090665DDF0658A1E3517BDDC226403
.zanderins.com/ Name: _fbp
Value: fb.1.1657032714159.1729112422
.zanderins.com/ Name: _drip_client_9697733
Value: vid%253D922d213920244389bf5c294301b71b5d%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1657032715319%2526weeklySessionCount%253D1%2526lastSessionAt%253D1657032715319
.zanderins.com/ Name: _uetsid
Value: 0348f9b0fc7211ec82fb116b523aeba1
.zanderins.com/ Name: _uetvid
Value: 0348dd70fc7211ecb9b94de9b012b014
.zanderins.com/ Name: _ga
Value: GA1.2.227963552.1657032715
.zanderins.com/ Name: _gid
Value: GA1.2.1903992684.1657032715
.zanderins.com/ Name: _gat
Value: 1
.zanderins.com/ Name: _gat_t1
Value: 1
.zanderins.com/ Name: _hjSessionUser_1195998
Value: eyJpZCI6Ijk2ZWFlYjJhLTRiMjYtNTFjNi1iY2IyLTU1ZDJhMDAzZDA2OCIsImNyZWF0ZWQiOjE2NTcwMzI3MTUyODUsImV4aXN0aW5nIjpmYWxzZX0=
.zanderins.com/ Name: _hjFirstSeen
Value: 1
www.zanderins.com/ Name: _hjIncludedInSessionSample
Value: 0
.zanderins.com/ Name: _hjSession_1195998
Value: eyJpZCI6IjQ5NGEyY2RkLTcwYjUtNDlmNC04ZmVkLTJkNGIxMTJmZDViMCIsImNyZWF0ZWQiOjE2NTcwMzI3MTU0MDQsImluU2FtcGxlIjpmYWxzZX0=
www.zanderins.com/ Name: _hjIncludedInPageviewSample
Value: 1
.zanderins.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getdrip.com
auth.zanderins.com
bat.bing.com
buttons-config.sharethis.com
connect.facebook.net
d14jnfavjicsbe.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
l.sharethis.com
platform-api.sharethis.com
script.hotjar.com
static.hotjar.com
static.zanderins.com
stats.g.doubleclick.net
tag.getdrip.com
vars.hotjar.com
wp.zanderins.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.zanderins.com
zanderins.com
108.138.7.107
108.138.7.118
108.138.7.58
108.138.7.79
13.32.121.121
13.32.99.51
18.66.139.84
23.22.169.128
2600:9000:223c:3000:c:abe:f440:93a1
2600:9000:2240:b600:1e:9742:1680:21
2606:4700::6810:aafd
2620:1ec:c11::200
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
2a00:1450:400c:c07::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.231.128.8
3.68.128.83
52.31.78.216
04c6ee85ea2549980ca0a9b252df67de86940f60907b3c0e116c64e76e0fc44e
08a56df3fadff24745a710659bf600d95d410d7acc8c73c703f1374a4cb13c76
09a12cf661e26c554994fc433a01c217383e6ae48e68f83cc7383998b886c2d5
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12acde8f31f47e001d661f920b2bb82c5f5e26c5c54f006870983fdb783d5f18
133048f00773e46658394e10c3fd7a1bc16bea48e0899f0ceb78610e2838e57b
14babecd0717544d8de571e9c94cbfe58667782d223dd9d8fd8af8157905a24b
2a4b44a25eba0e4bc8e61c53a1814fcc29f5a9b3335a184deebd1c6aa426ed3b
2aa8ace62b1aa0ca1bbaeb0f3f73648a402d953ac6a0a93874b387996a6603e7
2bc3dba2a0100387750269db4a5efa89d03616cfe781b309f43a69096f8f8315
31b7f44c73f5fef52822640f25dd1fc27900c9cc08d2874fe9e0da2a2747fc61
3b10e585e2ae5c3ea2848231d780abacef71b56b333bb3172955dd20cec060a7
3c1e9bdb5c326e1382e81fcc09865d58ee809cb364ebfd0b622e24d5192e37db
4852b5086d525632aa9f948c91de249c9a9a42321064305b21565e65d1e1d51f
48d24dfe219bd1954bd3c515bf98dcb72500d0772f485fbfdd034be1656275d8
5dc5fcc97894072e87333bc38b0b9dbf5dcdcc75807763c40972ee1af19fe118
61aa9331a4f890cb379d2482468c7db6d1cb9d9fbfe8781c1591244a4cf279f0
63d4e262127b116fc4b83868b10ccfcdd12ac138c75c63ec37f20d7608e91ad9
66242263e832342f95fd52ad1c589a3197feebad0c6e7392f86578d96bc0e615
6653f96a30e135446a2d31d062348a741205b8d29b4c34888fe171c8c3ed160c
66861c21d852cadae40940a6fb80cac7af48c07c87ed2641af77d7056eff33ba
71ad165e213db4a42927287d7c7005157ead46bbe7eaa547527b208149b5f64d
75e3f142c62a09a54a5c38239ecc1036021d4c47807bd1d9e94b3e7ec7224465
772007978e7c147dc33e4f8ced830610951e0a1d6def75d3550da8f247af4a27
7bcdf4decb61a02ede2f64bdd5856f94af3af9f61d84c44ae4c72937a22564fe
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854b0c9d590bc64f59896ceafe75ee77a79c75695b12d4d202baacd9c2f2edb1
8ade27b634105c0b258314ead388f4532b5b7a1484349d8aa32fb11319bd4878
949760cf8f3c2575ede46c1f81808ce78c9384e8b3981f1efc27c4ce2a560c45
9cb435d9631757dce9699bd42f9cf9c27e4b93a9674170ae9d1cb378eb368f0b
a089b1d7d49e13065f1881caf1f4202c90bb51c835c3599bafcd9958aab9af2d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a38ce420bbf96d7fee5cd88674cfb8faeaac522998f201f5f3897f7ab4158cd6
a3fca3c39d2c2e18bc750c67a50f20348491ab5ea92d8da6a2558b0317d21912
a482008da2fe0c09824c63004a9152849f1581670c5e82fc252b9658abc9f032
aa7f51d7025303ff95350a7783ce9c4a703909871000d04faaf559babb3436e5
ae3cbe7b028eeab0136fa0af81f0666bf39716864d3cfde68f0afff820234ecf
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aeef17cb37c9f11b40b147b04e3f16ee3a2fdaa90bae2d503a7e3e99399ea682
b8da2e97242b8a4271d6fab2c5db84cf098ba77962269e30eb7c7b73bfaf3803
ba5c8ce3c499ed91486b1e38246924fb514559c5fd73a61cb3ead97d4605e8f2
bc9ff20129fd65e7107f73f7683a181c94966abd22c80d2e08c3a892e6cb6835
bd0058fedf6032cecad7a2c0cafb58b518c68ae63eaf85c0614dfc923dd8744f
c9813c2cc64b4fc84b1981e7bb13f183477c762eba1bdecc1e2cd7e2d9309708
c9bb234e613be8c55ea8d45198ec5d900d0dbdd50473dfb1aa98b354931fcf14
c9f5871b747310fcf3d2d4b5cc772afe4a9ea2b302f8b9f6c381d50a5dde2882
cfbdc6af6fd2fc90392887280f0a08e922fb981c46e655cc98f0ec5e032ca31e
d0ae0e2e5be14d1e6a875888bc09d00e04fc588f0f43f1dec49eee0c8b05d555
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d333ccbb4f7033ac3b7b206fda9739b5307a092129d7264dd8ba63ec9a996d19
d731c357433b32f38555d25a1c7f516f21b6df446bbdaeeb05e6ce6d5adaca02
d7df4e6ab4a0c3e9fa6b74391d3dbe887894991ebb52670f38b0064cec223ee8
df7c1a026b33dd065faf805f379213f6047833aba14e6768925434175be1b0bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f18c681b77d84f4fbc5a93c3667deac93709ffd9451a6e30e33ba1d4c811f237
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fb1a568f4cbb3482dae9fe7229ece2b7967b4cc5f423c2965719621559d62785