my.cheddarup.com Open in urlscan Pro
2606:4700:10::6816:36f6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nakedbeats.art/
Effective URL:
https://my.cheddarup.com/c/darkdreams
Submission: On January 10 via api (January 10th 2024, 4:24:16 am UTC) from US — Scanned from DE

Summary HTTP 99 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 26 domains to perform 99 HTTP transactions. The main IP is 2606:4700:10::6816:36f6, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.cheddarup.com.
TLS certificate: Issued by GTS CA 1P5 on December 15th 2023. Valid for: 3 months.

This is the only time my.cheddarup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
1 1	18.165.183.77 18.165.183.77	16509 (AMAZON-02) (AMAZON-02)
15	2606:4700:10:... 2606:4700:10::6816:36f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	35.244.189.201 35.244.189.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2606:4700:20:... 2606:4700:20::ac43:44d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.77.178.119 54.77.178.119	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:22d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1 6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.165.183.59 18.165.183.59	16509 (AMAZON-02) (AMAZON-02)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::ac40:96ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.165.183.85 18.165.183.85	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5	2620:1ec:46::63 2620:1ec:46::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	54.72.167.172 54.72.167.172	16509 (AMAZON-02) (AMAZON-02)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.165.183.49 18.165.183.49	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.29 13.32.27.29	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:440... 2606:4700:4400::6812:26d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:47bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
99	35

1 15.197.142.173 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

nakedbeats.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.77 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-77.zrh55.r.cloudfront.net

darkdreams.cheddarup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:36f6 (United States)

ASN13335 (CLOUDFLARENET, US)

my.cheddarup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.189.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.189.244.35.bc.googleusercontent.com

cdn.withpersona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:44d6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.178.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-178-119.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a0d (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:22d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-59.zrh55.r.cloudfront.net

code.upscope.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:96ba (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-85.zrh55.r.cloudfront.net

script.tapfiliate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:46::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.167.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-167-172.eu-west-1.compute.amazonaws.com

directory.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-49.zrh55.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-29.fra56.r.cloudfront.net

js.upscope.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:26d8 (United States)

ASN13335 (CLOUDFLARENET, US)

in-automate.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

cheddarup.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:47bf (United States)

ASN13335 (CLOUDFLARENET, US)

images.cheddarcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	cheddarup.com 1 redirects darkdreams.cheddarup.com my.cheddarup.com	2 MB
10	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1280 c.clarity.ms — Cisco Umbrella Rank: 2579 w.clarity.ms — Cisco Umbrella Rank: 12725	32 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3600 ekr.zdassets.com — Cisco Umbrella Rank: 4357	354 KB
7	google.com www.google.com — Cisco Umbrella Rank: 6 region1.analytics.google.com — Cisco Umbrella Rank: 2014	2 KB
6	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 692 c.bing.com — Cisco Umbrella Rank: 539	30 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	42 KB
4	brevo.com in-automate.brevo.com — Cisco Umbrella Rank: 32335	1008 B
4	google.de www.google.de — Cisco Umbrella Rank: 4002	733 B
4	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 31188	8 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	134 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	243 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1202 script.hotjar.com — Cisco Umbrella Rank: 1735	63 KB
3	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 14332	632 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	295 KB
3	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 17526	69 KB
2	cheddarcdn.com images.cheddarcdn.com	94 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	upscope.io code.upscope.io — Cisco Umbrella Rank: 57172 js.upscope.io — Cisco Umbrella Rank: 86757	40 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 13817 prism.app-us1.com — Cisco Umbrella Rank: 13785	8 KB
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 20434 directory.cookieyes.com — Cisco Umbrella Rank: 23902	415 B
1	zendesk.com cheddarup.zendesk.com	1 KB
1	tapfiliate.com script.tapfiliate.com — Cisco Umbrella Rank: 51993	4 KB
1	withpersona.com cdn.withpersona.com — Cisco Umbrella Rank: 238742	191 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
1	nakedbeats.art 1 redirects nakedbeats.art	303 B
99	26

	Domain	Requested by
15	my.cheddarup.com	my.cheddarup.com
7	static.zdassets.com	my.cheddarup.com static.zdassets.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn-cookieyes.com
5	www.clarity.ms	my.cheddarup.com bat.bing.com cdn-cookieyes.com www.clarity.ms
5	bat.bing.com	www.googletagmanager.com bat.bing.com cdn-cookieyes.com
4	in-automate.brevo.com	sibautomation.com
4	www.google.de
4	www.google.com	www.googletagmanager.com
4	sibautomation.com	my.cheddarup.com sibautomation.com
4	connect.facebook.net	my.cheddarup.com connect.facebook.net cdn-cookieyes.com
3	w.clarity.ms	www.clarity.ms
3	region1.analytics.google.com	www.googletagmanager.com
3	trackcmp.net	my.cheddarup.com diffuser-cdn.app-us1.com
3	www.googletagmanager.com	my.cheddarup.com www.googletagmanager.com cdn-cookieyes.com
3	cdn-cookieyes.com	my.cheddarup.com cdn-cookieyes.com
2	fonts.gstatic.com	fonts.googleapis.com
2	images.cheddarcdn.com
2	c.clarity.ms	1 redirects
2	www.facebook.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	static.hotjar.com	www.googletagmanager.com cdn-cookieyes.com
2	googleads.g.doubleclick.net	www.googletagmanager.com cdn-cookieyes.com
1	cheddarup.zendesk.com	static.zdassets.com
1	c.bing.com	1 redirects
1	www.gstatic.com	www.google.com
1	js.upscope.io	code.upscope.io
1	script.hotjar.com	static.hotjar.com
1	ekr.zdassets.com	static.zdassets.com
1	directory.cookieyes.com	cdn-cookieyes.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	script.tapfiliate.com	www.googletagmanager.com
1	code.upscope.io	my.cheddarup.com
1	diffuser-cdn.app-us1.com	my.cheddarup.com
1	log.cookieyes.com	cdn-cookieyes.com
1	cdn.withpersona.com	my.cheddarup.com
1	fonts.googleapis.com	my.cheddarup.com
1	darkdreams.cheddarup.com	1 redirects
1	nakedbeats.art	1 redirects
99	38

This site contains links to these domains. Also see Links.

Domain
www.cheddarup.com
support.cheddarup.com
itunes.apple.com
play.google.com
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
my.cheddarup.com GTS CA 1P5	`2023-12-15` - `2024-03-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cdn.withpersona.com GTS CA 1D4	`2023-12-11` - `2024-03-10`	3 months	crt.sh
cdn-cookieyes.com GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2023-04-25` - `2024-05-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
diffuser-cdn.app-us1.com E1	`2023-12-03` - `2024-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-26` - `2024-08-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
upscope.io Amazon RSA 2048 M03	`2023-10-23` - `2024-11-20`	a year	crt.sh
zdassets.com E1	`2024-01-04` - `2024-04-03`	3 months	crt.sh
backend.tapfiliate.com Amazon RSA 2048 M01	`2023-10-04` - `2024-11-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
prism.app-us1.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
directory.cookieyes.com Amazon RSA 2048 M02	`2023-03-03` - `2024-04-01`	a year	crt.sh
brevo.com GTS CA 1P5	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
cheddarup.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://my.cheddarup.com/c/darkdreams
Frame ID: 342AE17D7227FB64D370214B22583447
Requests: 91 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=5s5vs0j7k8xtlpa33z60jsyc
Frame ID: 73D7061D06A63EE1CAB421C2E7139642
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Frame ID: F357760C3E768C55CF02347EFD77099B
Requests: 6 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=5s5vs0j7k8xtlpa33z60jsyc
Frame ID: FCD259E8A72AB9CD0AB18FCC065FF4C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dark Dreams & Darker Delights: A Midnight Masquerade Double-Feature 🌑 - Cheddar UpAppStoreBadge.RevGooglePlayBadge.Rev

Page URL History Show full URLs

http://nakedbeats.art/ HTTP 301
https://darkdreams.cheddarup.com/ HTTP 302
https://my.cheddarup.com/c/darkdreams Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

99
Requests

99 %
HTTPS

58 %
IPv6

26
Domains

38
Subdomains

35
IPs

5
Countries

3522 kB
Transfer

11009 kB
Size

36
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cheddarup.com/

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/how-does-cheddar-up-work/
Title: How It Works

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/features/
Title: Features

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/reviews
Title: User Stories

Search URL Search Domain Scan URL

URL: https://support.cheddarup.com/hc/en-us
Title: Knowledge Center

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/pricing/
Title: Pricing

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/about-cheddar-up/
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.cheddarup.com/press/
Title: Press

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/partners/
Title: Partner with Us

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/affiliate/
Title: Affiliate Program

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/pta-payments
Title: PTAs

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/girlscouts/
Title: Girl Scouts

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/boyscouts/
Title: Boy Scouts

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/nonprofit-payment-processing/
Title: Nonprofits

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/collect-team-payments
Title: Teams

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/teacher-gift-collection
Title: Teacher Gifts

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/group-gift/
Title: Group Gifts

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/collect-school-payments
Title: Schools

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/collect-club-payments
Title: Clubs

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/collect-money-reunion
Title: Reunions

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/band-fees
Title: Bands

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/hoa-online-payments
Title: HOAs

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/church-payments
Title: Churches

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/cheer
Title: Cheer

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/cheddar-up/id1141129202?ls=1&mt=8
Title: .cls-1{fill:#aeaeae;}AppStoreBadge.Rev

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.cheddarup.CheddarUp
Title: .cls-1{fill:#aeaeae;}.cls-2{fill:url(#linear-gradient);}.cls-3{fill:url(#linear-gradient-2);}.cls-4{fill:url(#linear-gradient-3);}.cls-5{fill:url(#linear-gradient-4);}.cls-6{opacity:0.2;}.cls-6,.cls-7,.cls-8{isolation:isolate;}.cls-7{opacity:0.12;}.cls-8{fill:#fff;opacity:0.25;}GooglePlayBadge.Rev

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CheddarUp

Search URL Search Domain Scan URL

URL: https://twitter.com/cheddarup

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cheddarup/

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/termsofuse/
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.cheddarup.com/privacypolicy/
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nakedbeats.art/ HTTP 301
https://darkdreams.cheddarup.com/ HTTP 302
https://my.cheddarup.com/c/darkdreams Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5B537223619442828DAC36DD2AC3C3E5&RedC=c.clarity.ms&MXFR=3BB1AC12C5326D7F349EB810C132638C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5B537223619442828DAC36DD2AC3C3E5&MUID=10E2CC60C84569BC3FC1D862C9E968DA

99 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request darkdreams Show response
my.cheddarup.com/c/
Redirect Chain

http://nakedbeats.art/
https://darkdreams.cheddarup.com/
https://my.cheddarup.com/c/darkdreams

4 KB
2 KB

299ms
174ms

Document
text/html

2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa4d98425c02df7fa66fe73e5f6fcf4cd4a7a5bfd6428f497bb56090f177f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 8432261449ae9196-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 04:24:09 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HKRST261SYT0K0H6Y2D9JW8R

Redirect headers

age: 80854
content-length: 0
date: Tue, 09 Jan 2024 05:56:35 GMT
location: https://my.cheddarup.com/c/darkdreams
server: CloudFront
via: 1.1 9defe0d67603d45217a1199d0f877384.cloudfront.net (CloudFront)
x-amz-cf-id: GrMUHSwZwgNt4AGJl_iXC5DLeF86a8DB2oAuwY00nK6lpIAEvZsy9A==
x-amz-cf-pop: ZRH55-P1
x-cache: Hit from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 135ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:ital@0;1&display=swap

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6034efeed2b984cb0e213e03082b9fc08c8a42620521b4daf1a584bdd6d431c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 04:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 04:24:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 04:24:09 GMT

GET
H2 200 vendor-1a464b8e.js Show response
my.cheddarup.com/assets/ 4 MB
1 MB 66ms
66ms Script
application/javascript 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/assets/vendor-1a464b8e.js

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea241ba80ff51d92cd71bc2249e5f65264a0e1457caa25519743390def002f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://my.cheddarup.com/c/darkdreams
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKMW156BDCNM2CTMKX6Q9EF5
date: Wed, 10 Jan 2024 04:24:09 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 131888
cf-polished: origSize=4566625
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: W/"f81cac41f9bbbcf781e8a5aac41d0c2c-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 84322615da979196-FRA

GET
H2 200 index-7e26e219.css
my.cheddarup.com/assets/ 101 KB
16 KB 50ms
50ms Stylesheet
text/css 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/assets/index-7e26e219.css

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3935a45b7144c7662254679b6fce88f330c4350c05e6372b422a036d09e1abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/c/darkdreams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKMW156Q2705TDF8DFFCKV1Y
date: Wed, 10 Jan 2024 04:24:09 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 131888
cf-polished: origSize=103411
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"9de446a5d79570e7a69182af462066e1-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 84322615da939196-FRA

GET
H2 200 rocket-loader.min.js Show response
my.cheddarup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 48ms
48ms Script
application/javascript 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/c/darkdreams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 84322615eaa19196-FRA
expires: Fri, 12 Jan 2024 04:24:09 GMT

GET
H2 200 index-76b3b0a6.js Show response
my.cheddarup.com/assets/ 2 MB
527 KB 60ms
60ms Script
application/javascript 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/assets/index-76b3b0a6.js

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f330bb54c82eafa2476377b5a38a387980bfc019ebbb9e03ff0f62ef798f4ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://my.cheddarup.com/c/darkdreams
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKMW15P9GF3M2PMZ530A8PM7
date: Wed, 10 Jan 2024 04:24:10 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 131888
cf-polished: origSize=1983096
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"edd59f7e4a02ebf48e5b3ac99799b420-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 84322616bae49196-FRA

GET
H2 200 persona-v4.5.0.js Show response
cdn.withpersona.com/dist/ 190 KB
191 KB 141ms
40ms Script
application/javascript 35.244.189.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.withpersona.com/dist/persona-v4.5.0.js
Requested by: Host: my.cheddarup.com
URL: https://my.cheddarup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.189.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.189.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 301440ab7282266fe69fbe3e08ba71a83dd3edfd905d9541eae026cd9c83a404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 03:37:52 GMT
age: 2778
x-guploader-uploadid: ABPtcPplfmaTdRm2SF-VuN0dghYasCsvNb1s_fNNYgHN_8G1tFlHbAodlCYBSa-13EJi7fv6HbxAtYr-LkQnMi8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 194573
last-modified: Wed, 23 Mar 2022 17:46:30 GMT
server: UploadServer
etag: "c189c2455937e78cb9dfb6e60b06adb4"
x-goog-generation: 1648057590532127
x-goog-hash: crc32c=DrCdMQ==, md5=wYnCRVk354y537bmCwattA==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 194573
accept-ranges: bytes
expires: Wed, 10 Jan 2024 04:37:52 GMT

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/ 98 KB
35 KB 136ms
50ms Script
application/javascript 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/script.js
Requested by: Host: my.cheddarup.com
URL: https://my.cheddarup.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e45927e85ddeba0f12b760e592eb139b653079cc12072dceb66c80d96479bef3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 00:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 96801
etag: W/"18748-60debb09d733d-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tB8A0O0hglzgjJxI0DPUW8hb6wgwpGx5jBLU0g9EPExXlIpTHKyGZJ74qicL5l0AXbwmk7nELR76%2BGu7CWsfs6%2F1shuyK0XytM7X57seIujpmanHxkPkq%2FJwcWGiZAXzHwWRT%2BR4ZhlR89QI5RU"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 84322617387d913c-FRA

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 173ms
57ms Ping
text/plain 54.77.178.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.178.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-178-119.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://my.cheddarup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFqOOALvME4v6kPWG

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 04:24:10 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/ 93 KB
33 KB 51ms
50ms Script
application/javascript 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d600284add4b0582b2952334a16d4a174e0f43dea284c2a6f0cd7a210c3694b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 00:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100044
etag: W/"174dd-60debb09d639d-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOV1CCQYXNryy5mP9Dkd0MobBtLTOiUTKoHGnwLQ7sEUN3%2FXvRPnfxfS54UPUPBwuVlf%2BBA9jmbakEweNCBg1tqgtJ0IeZ6j9Ugnk%2FXPvsJxfjuN5cETg8PvCMmhGtHhuRNJTkgZ0vD0asd4Hdkm"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 84322617a8b4913c-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 349 KB
108 KB 151ms
65ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3D6S7F

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ada1b00c12bc3aa520e14930e645183e8a730a36e89ad6175b5e88399584d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110192
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jan 2024 04:24:10 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 137ms
47ms Script
application/javascript 2606:4700::6810:a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: gzip
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P2
age: 125
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 843226190c8d30c9-FRA
x-amz-cf-id: HLfrDCnqDLFLSH4xOcOqqCxgAP9c4cRjcf7QFxqO_wu-qXoeVOn12w==

GET
DATA 200
OK truncated
/ 353 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 EzXB4Ks1.json Show response
cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/ 521 B
663 B 130ms
48ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/EzXB4Ks1.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815459532783cb36ebe98b7980ad54da494071d7015ba4154a8da5a33a332069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jan 2024 00:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 97534
etag: W/"209-60debb09d53fd"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2F6N5yHSST%2BRIxo%2FizGGNiVqkeStoFxtLv01k1VOuEItfifw5kC3Z3pdPZkajQcUK8pp9GeqDzoeCJeu4TQer5iXWxkgEzbY7z6%2FsNJaPWjrYzCAaRKJ%2FjfLg3BEzlNewV0xo5o7Vfj8Uq2UY7UT"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8432261b1f201d94-FRA

GET
H2 200 darkdreams Show response
my.cheddarup.com/api/collections/ 6 KB
4 KB 898ms
898ms XHR
application/json 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/api/collections/darkdreams

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/assets/vendor-1a464b8e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e1aa5579818a1fa07a06ccac58512ad354c2ff2675534ffc40b46eeb172fc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src 'none'; connect-src wss:; font-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; sandbox; script-src 'none'; style-src 'none'; upgrade-insecure-requests; worker-src 'none'
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.cheddarup.com/c/darkdreams
accept-language: de-DE,de;q=0.9
Client-Id: 69d1bcb3-a2ab-4f13-927e-9b0a21d9a71b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKRST36003Q3PREM2WRESPVD
date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-captcha-expires-in: -60
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src 'none'; connect-src wss:; font-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; sandbox; script-src 'none'; style-src 'none'; upgrade-insecure-requests; worker-src 'none'
age: 1
content-encoding: br
x-captcha-verified: false
x-xss-protection: 1; mode=block
x-request-id: 4ac5b3ed-f6a4-45da-a4cf-924d9d97ab71
x-runtime: 0.434522
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
netlify-vary: query
server: cloudflare
etag: W/"e0d1c84a12b57de81d65dcbc20a78de4"
cache-status: "Netlify Edge"; fwd=miss
x-download-options: noopen
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0,private,must-revalidate
cf-apo-via: origin,host
x-tracking-id: 4ac5b3ed-f6a4-45da-a4cf-924d9d97ab71
cf-ray: 8432261aac479196-FRA

GET
H2 401 session Show response
my.cheddarup.com/api/ 24 B
1 KB 474ms
474ms XHR
application/json 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/api/session

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/assets/vendor-1a464b8e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

782eeaa7f1915f6783146f8180751785584f0f24bd4e503165c7fc4a597da600

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src 'none'; connect-src wss:; font-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; sandbox; script-src 'none'; style-src 'none'; upgrade-insecure-requests; worker-src 'none'
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.cheddarup.com/c/darkdreams
accept-language: de-DE,de;q=0.9
Client-Id: 69d1bcb3-a2ab-4f13-927e-9b0a21d9a71b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKRST361BY6CJ0AH379EFSZ7
date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-captcha-expires-in: -60
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src 'none'; connect-src wss:; font-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; sandbox; script-src 'none'; style-src 'none'; upgrade-insecure-requests; worker-src 'none'
age: 1
x-captcha-verified: false
x-xss-protection: 1; mode=block
x-request-id: b52be7c7-75a8-411b-b1b3-8487c46de12a
x-runtime: 0.012777
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
netlify-vary: query
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
x-download-options: noopen
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-apo-via: origin,host
x-tracking-id: b52be7c7-75a8-411b-b1b3-8487c46de12a
cf-ray: 8432261aac489196-FRA

GET
H2 200 visit Show response
trackcmp.net/ 0
420 B 332ms
242ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/visit?actid=798920561&e=undefined&r=&u=https://my.cheddarup.com/c/darkdreams&callback=__jp0
Requested by: Host: my.cheddarup.com
URL: https://my.cheddarup.com/assets/vendor-1a464b8e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.24
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 101
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 8432261b48dd2c49-FRA
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
93 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W9PXGN8PXY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3D6S7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16e539f8d1578125d3d917e412a8212797df701de3ea8d408b0bce89a9c3c583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 04:24:10 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 119ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Jan 2024 04:24:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54366
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ZjQj/1UlNPSJvHt+HQoWHzsGNzlB/p1mwDaah9YtlwgZsmkZDkJ3pMHf/beUtWMz7hMIOKL62nwm7AYBz7rgJQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3D6S7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 03:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2153
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 10 Jan 2024 05:48:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032962099/ 3 KB
2 KB 137ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032962099/?random=1704860650670&cv=11&fst=1704860650670&bg=ffffff&guid=ON&async=1&gtm=45He4180v78222110&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&label=vvDTCMPIwYYBELOAx-wD&hn=www.googleadservices.com&frm=0&tiba=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&auid=890443326.1704860651&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3D6S7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65a56e83d9960645d4a9302e7325abe4b2295a67926798b689dd51f5dd845e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-2300315.js Show response
static.hotjar.com/c/ 9 KB
4 KB 152ms
67ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2300315.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3D6S7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

1e275233f0f84a32ea896d492e49d4fe531231534d409427739fdd2257c04c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 04:24:10 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/5186a612d24b7763b0a483b5fec42873
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 1TlaAcG1uHU4-Uyy5Fk9n-33DGqz8IxB0dZk8JGbqz34LiNQojU7PA==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 157ms
65ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3D6S7F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 04:24:09 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9DE5D6ADEA1841999F578276CBECCD88 Ref B: FRA31EDGE0705 Ref C: 2024-01-10T04:24:10Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 SebSvvGfYs.js Show response
code.upscope.io/ 1 KB
952 B 157ms
59ms Script
application/javascript 18.165.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://code.upscope.io/SebSvvGfYs.js
Requested by: Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-59.zrh55.r.cloudfront.net
Software: /
Resource Hash: 8ed2f77ad9cd80de213140c6173850fe5426cc004e5b3b03a3a51c057e798e47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: gzip
via: 1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60,public
x-amz-cf-id: g6GaeMZUAMlgPQeXxBwUVa63hY51YvCaZPZpNnFBvxnzQ2XIEKduGQ==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 110ms
45ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=bed1edb4-48fd-495d-86d4-9c00fd3e84aa

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 53
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbZ3xLGNBsyMneve0iPb2qvtqUBl27MjOMKQQdOHvcvbaKoCKPrpuaL8rTn5hstusfiI1pyw9g509iYhkfKm3cItvVOV1hGlnEtDD14gzM0m2CvHFZN3MzPs9VlkMRQU0aBpQ7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 8432261b2b5aaca9-TXL

GET
H2 200 sa.js Show response
sibautomation.com/ 8 KB
3 KB 141ms
51ms Script
text/javascript 2606:4700:4400::ac40:96ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/sa.js?key=5s5vs0j7k8xtlpa33z60jsyc
Requested by: Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:96ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: 170be8230b71c7276d7f1b8ae46638f893216bb2dc3f9cb4d7320e88fa558dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1956
cf-polished: origSize=10688
etag: W/"29c0-QMKSDKj1D4k89JnW5TLws0oYXCc"
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 8432261b5c351c40-FRA
expires: Wed, 10 Jan 2024 04:25:10 GMT

GET
H2 200 tapfiliate.js Show response
script.tapfiliate.com/ 11 KB
4 KB 150ms
43ms Script
application/javascript 18.165.183.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.tapfiliate.com/tapfiliate.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3D6S7F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-85.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:46:10 GMT
content-encoding: gzip
via: 1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 12:34:24 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 85081
etag: W/"ddbb39a9e8e67d5067145f8aa76b938d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UDCskON-JDcYi-7_sXiMBBRXnEjGuaQ1Pe_-37s3hOpbHJqIUY76Vw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 143ms
57ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3D6S7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40a77c47a61e17d7c8edd41de89eb651387c290281eaff781601d75d0fdf8fe2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jan 2024 04:24:10 GMT

GET
H2 200 eg09u813ee Show response
www.clarity.ms/tag/ 1 KB
1 KB 208ms
128ms Script
application/x-javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/eg09u813ee?ref=gtm2
Requested by: Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 17a1bac4866f66f5558b10d222da390574d96f91008c25c9daad036fa0819159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: -1
date: Wed, 10 Jan 2024 04:24:10 GMT
x-azure-ref: 20240110T042410Z-69wrsctxad3nr12dhcgsp2k8x000000008g000000000ahn8
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1035
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
490 B 340ms
250ms Script
application/javascript 2606:4700::6810:a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=798920561&u=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.25

Resource Hash

9a44559b51ee302d5214deb36e174113d22ee006b267519c0c594805ea6ad392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.25
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 108
cf-ray: 8432261c38419a15-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 131ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-W9PXGN8PXY&gtm=45je4180v871824799z878222110&_p=1704860650295&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1499090852.1704860651&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dp=%2Fc%2Fdarkdreams&sid=1704860650&sct=1&seg=0&dl=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&dt=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_group=Payer&ep.payer_page=false&ep.netlify_ab_branch=production&up.num_collections_created=0&up.total_payments=0&up.payer_signup=false&tfd=1586
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W9PXGN8PXY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.cheddarup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 47ms
47ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-W9PXGN8PXY&cid=1499090852.1704860651&gtm=45je4180v871824799z878222110&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W9PXGN8PXY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.cheddarup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 136ms
51ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-W9PXGN8PXY&cid=1499090852.1704860651&gtm=45je4180v871824799z878222110&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1567441008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-W9PXGN8PXY&gtm=45je4180v871824799z878222110&_p=1704860650295&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1499090852.1704860651&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAC&_s=2&dp=%2Fc%2Fdarkdreams&sid=1704860650&sct=1&seg=1&dl=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&dt=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&en=page_view&ep.content_group=Payer&ep.payer_page=false&ep.netlify_ab_branch=production&_et=2&tfd=1596
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W9PXGN8PXY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.cheddarup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ip Show response
directory.cookieyes.com/api/v1/ 108 B
262 B 190ms
54ms Fetch
text/html 54.72.167.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://directory.cookieyes.com/api/v1/ip
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.167.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-167-172.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 66c4ae3db356f8fafcc14884e1350c11a1f648a337d14509952bf245e6477e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 04:24:10 GMT
x-powered-by: Express
content-length: 108
etag: W/"6c-yVmtNnWRnC5jD6VBESIm4OK9edg"
content-type: text/html; charset=utf-8

GET
H2 200 bed1edb4-48fd-495d-86d4-9c00fd3e84aa Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 287ms
220ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/bed1edb4-48fd-495d-86d4-9c00fd3e84aa

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=bed1edb4-48fd-495d-86d4-9c00fd3e84aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a27fdd3b7c3a235696be8a833450941d67aacdd8dd51cf2ef98ff1a325b0b866

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8308fa82c89b5203-SEA, 8308fa82c89b5203-SEA
x-runtime: 0.010178
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a27fdd3b7c3a235696be8a833450941d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Fj%2F7FdQz6pq%2BGiNpV7UqGLN5prc8obWvVwTfTWNKTUJ5tplyFjpgeGm90awEupoXvmNjJtStSHomHy0g0RoVL3EW21D3wlY7cfpCZDbBfcWgzjMxGmlYs%2BKwvmrFWDBafI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8432261bfc9044f2-TXL

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 46ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=970157429&t=pageview&_s=1&dl=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&ul=en-us&de=UTF-8&dt=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1103805533&gjid=1824497040&cid=1499090852.1704860651&tid=UA-38457530-1&_gid=1450686140.1704860651&_slc=1&gtm=45He4180n81N3D6S7Fv78222110&cd1=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=909982770

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.cheddarup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.cheddarup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 140ms
47ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-38457530-1&cid=1499090852.1704860651&jid=1103805533&gjid=1824497040&_gid=1450686140.1704860651&_u=YCDAgEABAAAAAGAAI~&z=137074251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.cheddarup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 Jan 2024 04:24:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.cheddarup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1032962099/ 42 B
455 B 95ms
49ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1032962099/?random=1704860650670&cv=11&fst=1704859200000&bg=ffffff&guid=ON&async=1&gtm=45He4180v78222110&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&label=vvDTCMPIwYYBELOAx-wD&frm=0&tiba=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Mk_kifEDQfBbrO-m6rQAXiRKcAC8bw&random=465527178&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1032962099/ 42 B
455 B 125ms
50ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1032962099/?random=1704860650670&cv=11&fst=1704859200000&bg=ffffff&guid=ON&async=1&gtm=45He4180v78222110&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&label=vvDTCMPIwYYBELOAx-wD&frm=0&tiba=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Mk_kifEDQfBbrO-m6rQAXiRKcAC8bw&random=465527178&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm.html Show response
sibautomation.com/ Frame 73D7 2 KB
1 KB 49ms
49ms Document
text/html 2606:4700:4400::ac40:96ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?key=5s5vs0j7k8xtlpa33z60jsyc
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=5s5vs0j7k8xtlpa33z60jsyc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:96ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: fa38e781f02a236f6ec2c512b5a6834ba5254fb5532ea39a9ad9fe151f3d8ed7

Request headers

Referer: https://my.cheddarup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 16419
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 8432261bbc741c40-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 10 Jan 2024 04:24:10 GMT
expires: Wed, 10 Jan 2024 06:24:10 GMT
server: cloudflare
traceresponse: 00-c1c7aeb6e0e90a2ff7ad58904ba8ce54-3b8257f7daab02d0-01
vary: Accept-Encoding
x-dt-tracestate: 14ea3eee-a07e0240@dt
x-powered-by: Sails <sailsjs.com>

GET
H2 200 modules.abdef350bc65bc59cb61.js Show response
script.hotjar.com/ 220 KB
55 KB 153ms
49ms Script
application/javascript 18.165.183.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.abdef350bc65bc59cb61.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2300315.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.165.183.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-183-49.zrh55.r.cloudfront.net

Software

Resource Hash

5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d75d7156b5e1833582c3070298720664.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 150364
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55659
last-modified: Mon, 08 Jan 2024 10:37:27 GMT
etag: "80c44d9c04a527e3fdaa01818eb305c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: j3MHt7owUPDsO7a6XT_KR3WxZWPMCHxtH0qCaK3DEiAqu50wfh5Q4A==

GET
H2 200 upscope-2.4.18.es6.js Show response
js.upscope.io/ 132 KB
39 KB 139ms
47ms Script
text/javascript 13.32.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.upscope.io/upscope-2.4.18.es6.js
Requested by: Host: code.upscope.io
URL: https://code.upscope.io/SebSvvGfYs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-29.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 869af33711821205fc5a560682917eb2dec002876acab3a9352c0caeac53f779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:23:45 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 23:16:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 26
etag: W/"132ff05e82adac59093f1a9feaaa4870"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000,public
x-amz-cf-id: 1BdIG4eDyIBqT2BaxX9NUtjgPa0ENSMKuIaqIoAmyz5tnC9uSQsUTA==

GET
H2 200 187024528.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 64ms
64ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187024528.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9286eab13757c0cfb9923b8398c072a2cb083bc9f061a024a9be5ad70c72d5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 10 Jan 2024 04:24:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F03EB5F3D48489D8CE9FFA9CD0FEBEC Ref B: FRA31EDGE0705 Ref C: 2024-01-10T04:24:10Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
288 B 101ms
100ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187024528&tm=gtm002&Ver=2&mid=b91d6a8d-92ca-4799-939b-e7a165e8c1e6&sid=1a59cbd0af7011eebc60e31492959215&vid=1a59c2f0af7011eeaae181e5b1aea013&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&p=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&r=&lt=814&evt=pageLoad&sv=1&rn=677816

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 Jan 2024 04:24:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 178DD9DF4CF74304B32733FB7D2E9D6D Ref B: FRA31EDGE0705 Ref C: 2024-01-10T04:24:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 cm Show response
in-automate.brevo.com/ Frame 73D7 0
296 B 160ms
70ms XHR
text/plain 2606:4700:4400::6812:26d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/cm?uuid=995febe2-1fbf-404a-a0ec-a76ea08a051a&key=5s5vs0j7k8xtlpa33z60jsyc&cuid=e83ec4d2-77f7-46e2-8ac6-5bc360935201
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=5s5vs0j7k8xtlpa33z60jsyc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:26d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 04:24:11 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8432261caf0390f2-FRA

GET
H2 200 133118137101934 Show response
connect.facebook.net/signals/config/ 52 KB
13 KB 93ms
93ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/133118137101934?v=2.9.139&r=stable&domain=my.cheddarup.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

185cbef3893c99d0acfbc4d517b2c73a5835b61abd93afc1b33fe1513cfe3b01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Jan 2024 04:24:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: qnPS1uoE3KY7msQ5TzPLa5JJsMWSBE438cpAuj0y8hSkwYWayW7oh6iXcpeT30fBgLkRe7Z8zYsO8+aTFaSdfA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 187024528 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 127ms
126ms Script
application/x-javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187024528
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187024528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2c0922a6fe5b42a79a140974f4dd300efcb4e6ce1b82bb50384a912f5871b701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: -1
date: Wed, 10 Jan 2024 04:24:11 GMT
x-azure-ref: 20240110T042410Z-69wrsctxad3nr12dhcgsp2k8x000000008g000000000ahn9
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.cheddarup.com/
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 13:47:17 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 50ms
50ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38457530-1&cid=1499090852.1704860651&jid=1103805533&_u=YCDAgEABAAAAAGAAI~&z=406403321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 49ms
48ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38457530-1&cid=1499090852.1704860651&jid=1103805533&_u=YCDAgEABAAAAAGAAI~&z=406403321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 117ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=133118137101934&ev=PageView&dl=https%3A%2F%2Fmy.cheddarup.com&rl=&if=false&ts=1704860650988&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4124&fbp=fb.1.1704860650987.776082096&pm=1&hrl=f0b7f3&ler=empty&it=1704860650883&coo=false&cs_cc=1&cas=4090679064354111&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 10 Jan 2024 04:24:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
93 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W9PXGN8PXY&l=dataLayer&cx=c

Requested by

Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16e539f8d1578125d3d917e412a8212797df701de3ea8d408b0bce89a9c3c583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 04:24:11 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Jan 2024 04:24:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54366
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ZjQj/1UlNPSJvHt+HQoWHzsGNzlB/p1mwDaah9YtlwgZsmkZDkJ3pMHf/beUtWMz7hMIOKL62nwm7AYBz7rgJQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 03:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2154
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 10 Jan 2024 05:48:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032962099/ 3 KB
2 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4f04eee1b1a9325b0fc10ce072adee02dd4716e9c9b35a1da53acec1d3b21a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-2300315.js Show response
static.hotjar.com/c/ 9 KB
4 KB 42ms
42ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2300315.js?sv=7

Requested by

Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

1e275233f0f84a32ea896d492e49d4fe531231534d409427739fdd2257c04c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 04:24:10 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/5186a612d24b7763b0a483b5fec42873
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: K1xuqSOt3MT2Idn2BwZZ_KSnA4F14QQnEFvPEFap7D7UrufZX5xVOA==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 67ms
66ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 04:24:10 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 715B7D9358A24A0A86722902C61D6D7F Ref B: FRA31EDGE0705 Ref C: 2024-01-10T04:24:11Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 eg09u813ee Show response
www.clarity.ms/tag/ 1 KB
1 KB 127ms
126ms Script
application/x-javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/eg09u813ee?ref=gtm2
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 17a1bac4866f66f5558b10d222da390574d96f91008c25c9daad036fa0819159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: -1
date: Wed, 10 Jan 2024 04:24:11 GMT
x-azure-ref: 20240110T042411Z-69wrsctxad3nr12dhcgsp2k8x000000008g000000000ahnb
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1035
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 187024528.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 67ms
66ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187024528.js

Requested by

Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9286eab13757c0cfb9923b8398c072a2cb083bc9f061a024a9be5ad70c72d5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 10 Jan 2024 04:24:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3FDF2D411E84DA391758DEF06E9E09C Ref B: FRA31EDGE0705 Ref C: 2024-01-10T04:24:11Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H3 200 133118137101934 Show response
connect.facebook.net/signals/config/ 52 KB
13 KB 40ms
39ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/133118137101934?v=2.9.139&r=stable&domain=my.cheddarup.com

Requested by

Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b1f6159c1befb25505dbc154/banner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

185cbef3893c99d0acfbc4d517b2c73a5835b61abd93afc1b33fe1513cfe3b01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Jan 2024 04:24:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13383
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: qnPS1uoE3KY7msQ5TzPLa5JJsMWSBE438cpAuj0y8hSkwYWayW7oh6iXcpeT30fBgLkRe7Z8zYsO8+aTFaSdfA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 77ms
77ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/eg09u813ee?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
content-encoding: br
last-modified: Tue, 09 Jan 2024 16:38:20 GMT
etag: W/"0x8DC1131640C0DB4"
vary: Accept-Encoding
x-azure-ref: 20240110T042411Z-69wrsctxad3nr12dhcgsp2k8x000000008g000000000ahnd
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a8585709-501e-004b-7c1b-43d288000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5B537223619442828DAC36DD2AC3C3E5&RedC=c.clarity.ms&MXFR=3BB1AC12C5326D7F349EB810C132638C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5B537223619442828DAC36DD2AC3C3E5&MUID=10E2CC60C84569BC3FC1D862C9E968DA

42 B
442 B

56ms
55ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5B537223619442828DAC36DD2AC3C3E5&MUID=10E2CC60C84569BC3FC1D862C9E968DA
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FCA3D63728C49189C05503825A1C370 Ref B: FRA31EDGE0705 Ref C: 2024-01-10T04:24:11Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5B537223619442828DAC36DD2AC3C3E5&MUID=10E2CC60C84569BC3FC1D862C9E968DA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 204 p Show response
in-automate.brevo.com/ 0
229 B 68ms
68ms XHR
text/plain 2606:4700:4400::6812:26d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/p?key=5s5vs0j7k8xtlpa33z60jsyc&cuid=e83ec4d2-77f7-46e2-8ac6-5bc360935201&ma_url=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&sib_type=page&ma_title=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&sib_name=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&ma_referrer=&ma_path=%2Fc%2Fdarkdreams
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=5s5vs0j7k8xtlpa33z60jsyc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:26d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 04:24:11 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8432261d7f5690f2-FRA

GET
H3 200 /
www.google.com/pagead/1p-user-list/1032962099/ 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1032962099/?random=1704860650670&cv=11&fst=1704859200000&bg=ffffff&guid=ON&async=1&gtm=45He4180v78222110&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&label=vvDTCMPIwYYBELOAx-wD&frm=0&tiba=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_5EtlNIcVt5HDrc0ghqOs4FY3F8XR9_GazFh4LP86jmW0Rsg_&random=4251157682&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1032962099/ 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1032962099/?random=1704860650670&cv=11&fst=1704859200000&bg=ffffff&guid=ON&async=1&gtm=45He4180v78222110&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&label=vvDTCMPIwYYBELOAx-wD&frm=0&tiba=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_5EtlNIcVt5HDrc0ghqOs4FY3F8XR9_GazFh4LP86jmW0Rsg_&random=4251157682&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187024528 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 127ms
127ms Script
application/x-javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187024528
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187024528.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2c0922a6fe5b42a79a140974f4dd300efcb4e6ce1b82bb50384a912f5871b701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: -1
date: Wed, 10 Jan 2024 04:24:11 GMT
x-azure-ref: 20240110T042411Z-69wrsctxad3nr12dhcgsp2k8x000000008g000000000ahnp
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame F357 923 KB
265 KB 52ms
51ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=bed1edb4-48fd-495d-86d4-9c00fd3e84aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
x-amz-version-id: PAflfXOdiQDrMRVYun69YoketTkl1xNU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPBW7W4HNMQNRZQ
age: 3116117
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"6f8511a72c96db8b22e6373718b842ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcnjD%2Fg%2FQH8qD6zHtwGKo9BQBo%2BGB7KWVgSyS5Nt32WhQl6wRQdQbPueczLxH9S%2FIdRvK%2ByxMz98HmtPHjI8ymX6f0ggsdKQmgZgRB8ntmWSEeyUpnxfmCmtkRZOCPHPpYikCEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8432261d7cd9aca9-TXL
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=970157429&t=event&ni=1&_s=2&dl=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&ul=en-us&de=UTF-8&dt=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=307haj&_u=aDDAgEABAAAAAGAAI~&jid=&gjid=&cid=1499090852.1704860651&tid=UA-38457530-1&_gid=1450686140.1704860651&gtm=45He4180n81N3D6S7Fv78222110&cd1=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd9=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Feg09u813ee%2Fjfhlmx%2F307haj&z=701541803

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:40:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=970157429&t=event&ni=1&_s=3&dl=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&ul=en-us&de=UTF-8&dt=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=307haj&_u=aDDAgEABAAAAAGAAI~&jid=&gjid=&cid=1499090852.1704860651&tid=UA-38457530-1&_gid=1450686140.1704860651&gtm=45He4180n81N3D6S7Fv78222110&cd1=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd9=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Feg09u813ee%2Fjfhlmx%2F307haj&z=622628221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:40:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
65 B 229ms
229ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=798920561&prismid=cc27f4ea-d2ab-4f5e-8d7b-adc8cadcee0f&url=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.24
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 88
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 8432261dca8e2c49-FRA
content-length: 0

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
296 B 436ms
122ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://my.cheddarup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://my.cheddarup.com
Date: Wed, 10 Jan 2024 04:24:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame F357 25 KB
6 KB 38ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
x-amz-version-id: Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPFGS4SBCJ216KA
age: 3116104
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE=
last-modified: Tue, 05 Dec 2023 00:24:12 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5UZ74oDlODmxPKjY42lQGqqI%2B%2FWlNKPt1apG%2B5XpYT6tWFzfdlByUDrZVWaArV0GWz2uOdksOQKr7k%2Fi6R%2FE8i%2FoFFqhg8y2d95NLj7BYFCIBiPWQtDK1YKo2x%2F8zZUjwgPRp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8432261e9db0aca9-TXL
expires: Wed, 04 Dec 2024 00:24:11 GMT

GET
H2 200 config Show response
cheddarup.zendesk.com/embeddable/ Frame F357 761 B
1 KB 327ms
257ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cheddarup.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe31bf4a394b481bc6b619cf273ac1ded99eea2a10551066c92538f421af7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-868b474749-jk7b2
x-cached: MISS
x-request-id: 8432261f0cb24516-WAW
x-runtime: 0.014670
server: cloudflare
etag: W/"dbe31bf4a394b481bc6b619cf273ac1d"
vary: Accept, Origin, Accept-Encoding
access-control-max-age: 7200
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lq1MxBxrT8RAtrDfud1f754zerPkT1MwQmfK1S69qIi2myuTZc4ZiR%2Bsf6%2B8IzUXXDfDiAvR6U9oxI6jMSMVqs9JGQEjOCdNSqe6C%2FdLkW4Y6UGEBn09pu3Qzpuksw0nPaUiIhSa7g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
cf-ray: 8432261f0cb24516-TXL

GET
H2 200 web-widget-chat-sdk-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame F357 202 KB
51 KB 42ms
42ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
x-amz-version-id: TdcYv88Lf5u9m3AG8eAA2HBmnexgob8V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0X24BSPSV39D8D28
age: 3116116
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 1eGND/GjxrlQxia9pWdTTwHT8UuCrrKDdbJzZuma1/VkfAY1PcOzD5FH1w1FjTJn2c8rVgJg5Po=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MNLmbsgwwa%2Ft8ozEwekAPi24oqhVRVxkpaiv%2BOCjvLorGWrHn2Bv3%2B%2B3FGvG1r0QpQYkmiB02iypIo4L8hOwFsMWMTCmPlJhdNM6sQLPdqBUR2Fn1jwpj0hceqIsNKJ9j1hVBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8432261eddd4aca9-TXL
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 401 session Show response
my.cheddarup.com/api/ 24 B
624 B 478ms
478ms XHR
application/json 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/api/session

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/assets/vendor-1a464b8e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

782eeaa7f1915f6783146f8180751785584f0f24bd4e503165c7fc4a597da600

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src 'none'; connect-src wss:; font-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; sandbox; script-src 'none'; style-src 'none'; upgrade-insecure-requests; worker-src 'none'
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.cheddarup.com/c/darkdreams
accept-language: de-DE,de;q=0.9
Client-Id: 69d1bcb3-a2ab-4f13-927e-9b0a21d9a71b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKRST448FQF5FAKSY4YC1HHW
date: Wed, 10 Jan 2024 04:24:12 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-captcha-expires-in: -60
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src 'none'; connect-src wss:; font-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; sandbox; script-src 'none'; style-src 'none'; upgrade-insecure-requests; worker-src 'none'
age: 1
x-captcha-verified: false
x-xss-protection: 1; mode=block
x-request-id: d15be92c-afe3-4a47-aa63-7b5440a53107
x-runtime: 0.015955
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
netlify-vary: query
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
x-download-options: noopen
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
cf-apo-via: origin,host
x-tracking-id: d15be92c-afe3-4a47-aa63-7b5440a53107
cf-ray: 84322620ce5c9196-FRA

GET
H2 200 eyJlZGl0cyI6eyJmbGF0dGVuIjp7ImJhY2tncm91bmQiOnsiciI6MjU1LCJnIjoyNTUsImIiOjI1NX19LCJibHVyIjoxMjB9LCJvdXRwdXRGb3JtYXQiOiJqcGVnIiwiYnVja2V0IjoiY2hlZGRhci11cCIsImtleSI6InVwbG9hZHMvaW1hZ2Uvc2lnbmVkLzY5N...
images.cheddarcdn.com/ 7 KB
8 KB 3273ms
3177ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cheddarcdn.com/eyJlZGl0cyI6eyJmbGF0dGVuIjp7ImJhY2tncm91bmQiOnsiciI6MjU1LCJnIjoyNTUsImIiOjI1NX19LCJibHVyIjoxMjB9LCJvdXRwdXRGb3JtYXQiOiJqcGVnIiwiYnVja2V0IjoiY2hlZGRhci11cCIsImtleSI6InVwbG9hZHMvaW1hZ2Uvc2lnbmVkLzY5NTUzOS9UYWIvMzAxMzQ1L2VkaXRlZF9MZTQ2MFJ4RFUtMzAxMzQ1In0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9eb2425a645c89080e86ec7c4780dd55e60f0593cf2406eaf857e8a65c7632c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:14 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 6b7c83a0-a255-4af2-91e0-06021869b99c
x-cache: Miss from cloudfront
x-amz-apigw-id: RTlM6HZgIAMEcmw=
content-length: 7614
last-modified: Wed, 23 Aug 2023 04:24:33 GMT
server: cloudflare
x-amzn-trace-id: Root=1-659e1beb-4540551511b1825b70c8feca;Sampled=0;lineage=a971416a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oymLCikL9DGNQv3HW%2FEu0T8ra7gCwLKPlfZ5vgRzyJriRu%2FnNzbTeZ24%2FIMdVJSMVQ5PN0eUucAa5YOCgZ8oxxcJxLklLvCDmdpaXLUwlSe2gR6dYltYNbBfBXDKDkQQoL01nz9DwbiOy18hiYI0pF270w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 843226216c201e31-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: GjmB9NtKLIQdWktUwnEYxBVdgaTjPNcXgCbn5ZvVhqwiAWFB6Sq-Ng==

GET
H2 200 AvenirLTStd-Light.woff
my.cheddarup.com/webfonts/ 23 KB
23 KB 48ms
47ms Font
application/font-woff 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/webfonts/AvenirLTStd-Light.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7c29e42b6b2e2a567f7d31866555a8be0210817b69da670f100d2ff2f6b6cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://my.cheddarup.com/c/darkdreams
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKMW19925F0XFY7K25Y80G14
date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 131886
cache-status: "Netlify Edge"; fwd=miss
etag: W/"da2ded9d2fb85c76e3f4e2a84945ed40-ssl-df"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=365000000, immutable
cf-ray: 84322620ce619196-FRA

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital@0;1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:12:37 GMT
x-content-type-options: nosniff
age: 69094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 09:12:37 GMT

GET
H2 200 AvenirLTStd-Heavy.woff
my.cheddarup.com/webfonts/ 24 KB
24 KB 49ms
49ms Font
application/font-woff 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/webfonts/AvenirLTStd-Heavy.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e192b5d0f03dd35a219f99eada1af9f6f1469f75626781644e954fdc2473762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://my.cheddarup.com/c/darkdreams
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKMW1994WQR0AHAF72H1E0D9
date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 131886
cache-status: "Netlify Edge"; fwd=miss
etag: W/"a6f4ac15663144a4921670585df05362-ssl-df"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=365000000, immutable
cf-ray: 84322620ce639196-FRA

GET
H2 200 AvenirLTStd-LightOblique.woff
my.cheddarup.com/webfonts/ 24 KB
24 KB 51ms
51ms Font
application/font-woff 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/webfonts/AvenirLTStd-LightOblique.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f00dfb37b08d5973235b0cd2992ba97215f3352c0f011a8fa40192a9e20f18a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://my.cheddarup.com/c/darkdreams
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKMXHC8P8H0W3CDWCF3RQA6T
date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 130310
cache-status: "Netlify Edge"; fwd=miss
etag: W/"2c7eb9f86e0eb101efb0728d7a0c4755-ssl-df"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=365000000, immutable
cf-ray: 84322620ce649196-FRA

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 162ms
76ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital@0;1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:50:11 GMT
x-content-type-options: nosniff
age: 142440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 12:50:11 GMT

GET
H2 200 AvenirLTStd-Roman.woff
my.cheddarup.com/webfonts/ 24 KB
24 KB 52ms
52ms Font
application/font-woff 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/webfonts/AvenirLTStd-Roman.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f91fca8b46119ba4742fa2eb1db9548edb4fe8ebd1f2b5e89aa93545ca1358c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://my.cheddarup.com/c/darkdreams
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKMW198Z07F84QG4W62BZCY4
date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 131886
cache-status: "Netlify Edge"; fwd=stale
etag: W/"79709c5509b1f4d932a7a7570095948f-ssl-df"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=365000000, immutable
cf-ray: 84322620ce659196-FRA

GET
H2 200 AvenirLTStd-Medium.woff
my.cheddarup.com/webfonts/ 24 KB
24 KB 50ms
50ms Font
application/font-woff 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/webfonts/AvenirLTStd-Medium.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5910a61f2a9c0e2b887fd6002830b106e65e6179e302f04474de8a84b375f1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://my.cheddarup.com/c/darkdreams
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKMW19941CW2P22V3EZ6A5T2
date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 131886
cache-status: "Netlify Edge"; hit
etag: W/"f71f4ef0790e4dacbd0d2e6842195c0d-ssl-df"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=365000000, immutable
cf-ray: 84322620ce669196-FRA

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 37ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=bed1edb4-48fd-495d-86d4-9c00fd3e84aa

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 54
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUUNexdP2xuW%2FrrwVyCv39Z%2BVtA5sj%2BBhmcZ4dvzSJP3Jf69%2FZiE51XNxzX2sfBAB4IXCaUD48U0TGjCBLmxxQ%2FXSuxGZJ0IZtrQqF7Ik7k%2FMhIy0sNHtWItHt6qe1YwFBaE3Lk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 84322620df38aca9-TXL

GET
H2 200 sa.js Show response
sibautomation.com/ 8 KB
3 KB 58ms
58ms Script
text/javascript 2606:4700:4400::ac40:96ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/sa.js?key=5s5vs0j7k8xtlpa33z60jsyc
Requested by: Host: my.cheddarup.com
URL: https://my.cheddarup.com/c/darkdreams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:96ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: 170be8230b71c7276d7f1b8ae46638f893216bb2dc3f9cb4d7320e88fa558dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1957
cf-polished: origSize=10688
etag: W/"29c0-QMKSDKj1D4k89JnW5TLws0oYXCc"
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 84322620defc1c40-FRA
expires: Wed, 10 Jan 2024 04:25:11 GMT

POST
H/1.1 204
No Content collect
w.clarity.ms/ 0
296 B 245ms
240ms Ping
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.cheddarup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://my.cheddarup.com
Date: Wed, 10 Jan 2024 04:24:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 eyJlZGl0cyI6eyJmbGF0dGVuIjp7ImJhY2tncm91bmQiOnsiciI6MjU1LCJnIjoyNTUsImIiOjI1NX19fSwib3V0cHV0Rm9ybWF0IjoianBlZyIsImJ1Y2tldCI6ImNoZWRkYXItdXAiLCJrZXkiOiJ1cGxvYWRzL2ltYWdlL3NpZ25lZC82OTU1MzkvVGFiLzMwM...
images.cheddarcdn.com/ 85 KB
86 KB 820ms
745ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cheddarcdn.com/eyJlZGl0cyI6eyJmbGF0dGVuIjp7ImJhY2tncm91bmQiOnsiciI6MjU1LCJnIjoyNTUsImIiOjI1NX19fSwib3V0cHV0Rm9ybWF0IjoianBlZyIsImJ1Y2tldCI6ImNoZWRkYXItdXAiLCJrZXkiOiJ1cGxvYWRzL2ltYWdlL3NpZ25lZC82OTU1MzkvVGFiLzMwMTM0NS9lZGl0ZWRfTGU0NjBSeERVLTMwMTM0NSJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7991e7133693964441436d809dfc37797b649558fa2ee7e344554a5d2367cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:12 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: ea5cdb17-f169-4f94-9963-036b62fb10f0
x-cache: Miss from cloudfront
x-amz-apigw-id: RTlM6FMYoAMEM6w=
content-length: 87177
last-modified: Wed, 23 Aug 2023 04:24:33 GMT
server: cloudflare
x-amzn-trace-id: Root=1-659e1beb-4f3ea61f44a6fff7362d5452;Sampled=0;lineage=a971416a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeyjPYjWj9iWg4qI0%2F0q%2ByHS7A%2FuveSj9dK3aKeBWiLfSED3T%2FS8lJFKy1S6yrzwKgnfGbB3KsNzAvW%2BM0dm0o%2BEOVlGMQeaHGWTZIQgYcH%2BmSsYUpLzCvGQ5jK7fEKQdqxlovUtW58Iyt8xApjL9MwfZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 843226216c221e31-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: vys169KaVdakK7uWamc0FOwg2aWgo3UAw1VyonZLUj36mq9KpvtHLQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=970157429&t=pageview&_s=1&dl=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams%3Fcart&ul=en-us&de=UTF-8&dt=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAgEABAAAAAGAAI~&jid=&gjid=&cid=1499090852.1704860651&tid=UA-38457530-1&_gid=1450686140.1704860651&gtm=45He4180n81N3D6S7Fv78222110&cd1=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams%3Fcart&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1835364536

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 13:40:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53051
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=133118137101934&ev=PageView&dl=https%3A%2F%2Fmy.cheddarup.com&rl=&if=false&ts=1704860651644&sw=1600&sh=1200&v=2.9.139&r=stable&ec=1&o=4124&fbp=fb.1.1704860650987.776082096&pm=1&hrl=6d01b8&ler=empty&it=1704860650883&coo=false&cs_cc=1&cas=4090679064354111&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 10 Jan 2024 04:24:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 404 carts Show response
my.cheddarup.com/api/collections/darkdreams/ 21 B
1 KB 214ms
214ms XHR
application/json 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/api/collections/darkdreams/carts

Requested by

Host: my.cheddarup.com
URL: https://my.cheddarup.com/assets/vendor-1a464b8e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2dfdc9511fbeaa0701d1f8730f4989313b062ca1b61a2bd8bed8f4f5d654b5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src 'none'; connect-src wss:; font-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; sandbox; script-src 'none'; style-src 'none'; upgrade-insecure-requests; worker-src 'none'
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.cheddarup.com/c/darkdreams?cart
accept-language: de-DE,de;q=0.9
Client-Id: 69d1bcb3-a2ab-4f13-927e-9b0a21d9a71b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

x-nf-request-id: 01HKRST454BQRDF9912REE3YV0
date: Wed, 10 Jan 2024 04:24:11 GMT
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src 'none'; connect-src wss:; font-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; manifest-src 'none'; media-src 'none'; object-src 'none'; sandbox; script-src 'none'; style-src 'none'; upgrade-insecure-requests; worker-src 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-captcha-expires-in: -60
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31556952; includeSubDomains; preload
age: 0
content-encoding: br
x-captcha-verified: false
x-xss-protection: 1; mode=block
x-request-id: 956dd667-bb2a-4872-ac9c-d7610995fc33
x-runtime: 0.039378
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
netlify-vary: query
server: cloudflare
cache-status: "Netlify Edge"; fwd=method
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://my.cheddarup.com
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
x-frame-options: sameorigin
x-tracking-id: 956dd667-bb2a-4872-ac9c-d7610995fc33
cf-ray: 84322620ee709196-FRA

GET
H2 200 visit Show response
trackcmp.net/ 0
147 B 188ms
188ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/visit?actid=798920561&e=undefined&r=&u=https://my.cheddarup.com/c/darkdreams?cart&callback=__jp1
Requested by: Host: my.cheddarup.com
URL: https://my.cheddarup.com/assets/vendor-1a464b8e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.24
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 50
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 843226210ca42c49-FRA
content-length: 0

GET
H2 200 AvenirLTStd-Light.woff2
my.cheddarup.com/webfonts/ 18 KB
18 KB 49ms
48ms Font
font/woff2 2606:4700:10::6816:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.cheddarup.com/webfonts/AvenirLTStd-Light.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12a1c391b024696bc0b6bb42a09244473a8bdbac1843d3565dee88ea4828a851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://my.cheddarup.com/c/darkdreams
Origin: https://my.cheddarup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nf-request-id: 01HKP0JZ6MZZ8XMHVEWXRTG8A6
date: Wed, 10 Jan 2024 04:24:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
server: cloudflare
age: 93558
cache-status: "Netlify Edge"; hit
etag: "107f3fcf3da5933faa6a5810d21267d3-ssl"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=365000000, immutable
accept-ranges: bytes
cf-ray: 843226211e7f9196-FRA
content-length: 17972

GET
H2 200 cm.html Show response
sibautomation.com/ Frame FCD2 2 KB
1 KB 47ms
47ms Document
text/html 2606:4700:4400::ac40:96ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?key=5s5vs0j7k8xtlpa33z60jsyc
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=5s5vs0j7k8xtlpa33z60jsyc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:96ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: fa38e781f02a236f6ec2c512b5a6834ba5254fb5532ea39a9ad9fe151f3d8ed7

Request headers

Referer: https://my.cheddarup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 16420
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 843226214f301c40-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 10 Jan 2024 04:24:11 GMT
expires: Wed, 10 Jan 2024 06:24:11 GMT
server: cloudflare
traceresponse: 00-c1c7aeb6e0e90a2ff7ad58904ba8ce54-3b8257f7daab02d0-01
vary: Accept-Encoding
x-dt-tracestate: 14ea3eee-a07e0240@dt
x-powered-by: Sails <sailsjs.com>

GET
H2 200 web-widget-chat-incoming-message-notification-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame F357 236 B
700 B 38ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
x-amz-version-id: vFeMRdO_ves3AqXqcJa51X.kBsGbKmeW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: A4N17FH4T4Q3T2FA
age: 3116115
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: jj3IJP8SG1qYvE4k5/yGOQQcVY1t9fS2FwFAUdl7K5931Xd3flm5WF8IJiZ/yy12ah/e+h8TsYA=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsBYoCDSKDNdPhnwyiuUyvTdMcrXTfHLQl8CZYwp9qJXPPeYy1GxlGwAM7xt7Ru5G2yDh5STrogCWrn3wJ0mDHR0flLqkMgubudY2K2LiSsUrfsB%2FseFdBKA0%2FlyzZKn48KHI%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 843226215f7eaca9-TXL
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame F357 19 KB
20 KB 38ms
38ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 10 Jan 2024 04:24:11 GMT
x-amz-version-id: 4bV_wFumuJbx5cco1BXg1VPt41lZHsX1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZJZE7JMCCHH4D6TV
age: 4075125
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: eANrIaPqScX/HcTBuO9Ygxuy2PDIF5gMPbbtEnNP4r8awfJScAcJ08j4BwLBd4anl8viLy0rADU=
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZ%2FTworuYPcHj2bOpxJjz3j6HS7qzqlBOi8wWzXKVP9OmDn1hg%2FOifuCkMs4RnYoP8qtal4cK5kxDe%2BnOZu1GFTOQIMpyWk2ukkVJh96jHXsxigXKRa9Fmy9VEjGjLg0pRmzulg%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 843226219fa7aca9-TXL
expires: Tue, 05 Nov 2024 00:48:59 GMT

GET
H2 204 p Show response
in-automate.brevo.com/ 0
253 B 64ms
64ms XHR
text/plain 2606:4700:4400::6812:26d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/p?key=5s5vs0j7k8xtlpa33z60jsyc&cuid=e83ec4d2-77f7-46e2-8ac6-5bc360935201&ma_url=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams%3Fcart&sib_type=page&ma_title=Dark%20Dreams%20%26%20Darker%20Delights%3A%20A%20Midnight%20Masquerade%20Double-Feature%20%F0%9F%8C%91%20-%20Cheddar%20Up&sib_name=Dark%20Dreams%20%26%20Darker%20Delights%3A%20A%20Midnight%20Masquerade%20Double-Feature%20%F0%9F%8C%91%20-%20Cheddar%20Up&ma_referrer=&ma_path=%2Fc%2Fdarkdreams
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=5s5vs0j7k8xtlpa33z60jsyc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:26d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 04:24:12 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84322622d90d90f2-FRA

GET
H2 204 p Show response
in-automate.brevo.com/ 0
230 B 67ms
67ms XHR
text/plain 2606:4700:4400::6812:26d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/p?key=5s5vs0j7k8xtlpa33z60jsyc&cuid=e83ec4d2-77f7-46e2-8ac6-5bc360935201&ma_url=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams%3Fcart&ma_path=%2Fc%2Fdarkdreams&sib_type=page&ma_title=Dark%20Dreams%20%26%20Darker%20Delights%3A%20A%20Midnight%20Masquerade%20Double-Feature%20%F0%9F%8C%91%20-%20Cheddar%20Up&sib_name=%2Fc%2Fdarkdreams&ma_referrer=
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=5s5vs0j7k8xtlpa33z60jsyc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:26d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.cheddarup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 04:24:12 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84322622d90e90f2-FRA

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
296 B 135ms
135ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://my.cheddarup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://my.cheddarup.com
Date: Wed, 10 Jan 2024 04:24:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-W9PXGN8PXY&gtm=45je4180v871824799&_p=1704860650295&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1499090852.1704860651&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&dp=%2Fc%2Fdarkdreams&sid=1704860650&sct=1&seg=1&dl=https%3A%2F%2Fmy.cheddarup.com%2Fc%2Fdarkdreams&dt=Collect%20Money%20Online.%20Collect%20from%20a%20Group%20for%20Free.%20Get%20Started%20Now.&_s=3&tfd=6596
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W9PXGN8PXY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.cheddarup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 04:24:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.cheddarup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cheddarup.com/	1970-01-20 19:43:56	Name: _gcl_au Value: 1.1.890443326.1704860651
.cheddarup.com/	1970-01-21 03:10:20	Name: _ga Value: GA1.2.1499090852.1704860651
.cheddarup.com/	1970-01-20 17:35:47	Name: _gid Value: GA1.2.1450686140.1704860651
.cheddarup.com/	1970-01-20 17:34:20	Name: _dc_gtm_UA-38457530-1 Value: 1
.my.cheddarup.com/	1970-01-20 21:56:03	Name: sib_cuid Value: e83ec4d2-77f7-46e2-8ac6-5bc360935201
.cheddarup.com/	1970-01-20 17:35:47	Name: _uetsid Value: 1a59cbd0af7011eebc60e31492959215
.cheddarup.com/	1970-01-21 02:55:56	Name: _uetvid Value: 1a59c2f0af7011eeaae181e5b1aea013
sibautomation.com/	1970-01-20 21:56:03	Name: uuid Value: 995febe2-1fbf-404a-a0ec-a76ea08a051a
.bing.com/	1970-01-21 02:55:56	Name: MUID Value: 10E2CC60C84569BC3FC1D862C9E968DA
trackcmp.net/	1970-01-20 18:18:59	Name: cmp798920561 Value: d26992416aec5ea2d991649d74f2abdb
.cheddarup.com/	1970-01-20 19:43:56	Name: _fbp Value: fb.1.1704860650987.776082096
.cheddarup.com/	1970-01-21 02:19:56	Name: cookieyes-consent Value: consentid:eGdlRTc3bWtRUmRBVDBQbFNxN1MwNFhLYzJQSXJHTVM,consent:yes,action:no,necessary:yes,functional:yes,analytics:yes,performance:yes,advertisement:yes,other:yes
.doubleclick.net/	1970-01-21 02:55:56	Name: IDE Value: AHWqTUlsmJVaDwRbCpt4H66af-rn6d7C2Xc2BibgNI4Gyvpucyrx-kr5XG0BPheH
.cheddarup.com/	1970-01-21 02:19:56	Name: _hjSessionUser_2300315 Value: eyJpZCI6ImJlYzMyOWUzLTQwZmMtNWUzMi1hNDM3LTFkMjlmNjJkZDg0ZiIsImNyZWF0ZWQiOjE3MDQ4NjA2NTEwODksImV4aXN0aW5nIjpmYWxzZX0=
.cheddarup.com/	1970-01-20 17:34:22	Name: _hjFirstSeen Value: 1
.cheddarup.com/	1970-01-20 17:34:22	Name: _hjIncludedInSessionSample_2300315 Value: 0
.cheddarup.com/	1970-01-20 17:34:22	Name: _hjSession_2300315 Value: eyJpZCI6IjJhMTM1MWJjLTEwMjItNDhhYy1hNWE4LWVmMzIzNDE3ZmFkNCIsImMiOjE3MDQ4NjA2NTEwOTAsInMiOjAsInIiOjAsInNiIjowfQ==
.cheddarup.com/	1970-01-20 17:34:22	Name: _hjAbsoluteSessionInProgress Value: 0
.cheddarup.com/	1970-01-20 18:18:59	Name: _upscope__region Value: ImV1LWNlbnRyYWwi
.cheddarup.com/	1970-01-21 02:19:56	Name: _clck Value: jfhlmx%7C2%7Cfia%7C0%7C1470
www.clarity.ms/	1970-01-21 02:19:56	Name: CLID Value: 1ffdf4b0ca804254842cd8d22552a6cc.20240110.20250109
prism.app-us1.com/	1970-01-20 18:17:32	Name: prism_798920561 Value: cc27f4ea-d2ab-4f5e-8d7b-adc8cadcee0f
.cheddarup.com/	1970-01-20 18:17:32	Name: prism_798920561 Value: cc27f4ea-d2ab-4f5e-8d7b-adc8cadcee0f
.c.bing.com/	1970-01-20 17:44:25	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:55:56	Name: SRM_B Value: 10E2CC60C84569BC3FC1D862C9E968DA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:55:56	Name: MUID Value: 10E2CC60C84569BC3FC1D862C9E968DA
.c.clarity.ms/	1970-01-20 17:44:25	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:34:21	Name: ANONCHK Value: 0
widget-mediator.zopim.com/	1970-01-20 17:44:25	Name: AWSALBCORS Value: rZDBN3IxU28KdNJ5OVcerDCtefRH+bUSQQ6tWyzsDJNHz6RuOYr8BWTg9i3ekAPshXhFOK8fWjR8TA6Mku41GjvuU447VCyQcVRo9QZcxCpY5IGg+X8HsFkk2ijJ
.cheddarup.com/	1970-01-20 18:18:59	Name: _upscope__shortId Value: IkRMWlRNQ1NQWkRYMTFZR1RYIg==
my.cheddarup.com/	1970-01-20 17:34:20	Name: _mkra_stck Value: postgresql_1%3A1704860656.4656928
.cheddarup.com/	1970-01-21 02:19:56	Name: __zlcmid Value: 1JkmPVAhBKbE7D3
.cheddarup.com/	1970-01-20 17:35:47	Name: _cheddar_up_chevre_session Value: 3rN040WjbSN5F8Z3geqNAz00Fw90lFh8lYTPdKtoKpoNfRyR8WmZDqQDgPbvRhzWZtFLjmk7Qtr7nz1cMSRshFVElCVl7qmmNY7DSaYAqOcmaXII488JkzLK2seU7ZTeqj1cNltp7J5bs1hF4KygaJk9vLrz1IkvRfmczyp1XDittCB%2FXhqftKgaVJfMBPySz5CeMAMHNgVr6eLvbfiVdKTkYCBOvrLV0CO5qP3QM9JkLihP1jXYkw%3D%3D--dhD9vzQ4UvSDjR8l--VQ%2FQTTAjQd7tD%2BkBoXKNtw%3D%3D
.cheddarup.com/	1970-01-20 17:35:47	Name: _clsk Value: g4zkk9%7C1704860652136%7C1%7C1%7Cw.clarity.ms%2Fcollect
.cheddarup.com/	1970-01-21 03:10:20	Name: _ga_W9PXGN8PXY Value: GS1.1.1704860650.1.1.1704860652.58.0.0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/133118137101934?v=2.9.139&r=stable&domain=my.cheddarup.com(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://my.cheddarup.com/api/session Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://my.cheddarup.com/api/collections/darkdreams/carts Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://my.cheddarup.com/api/session Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
c.bing.com
c.clarity.ms
cdn-cookieyes.com
cdn.withpersona.com
cheddarup.zendesk.com
code.upscope.io
connect.facebook.net
darkdreams.cheddarup.com
diffuser-cdn.app-us1.com
directory.cookieyes.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.cheddarcdn.com
in-automate.brevo.com
js.upscope.io
log.cookieyes.com
my.cheddarup.com
nakedbeats.art
prism.app-us1.com
region1.analytics.google.com
script.hotjar.com
script.tapfiliate.com
sibautomation.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
trackcmp.net
w.clarity.ms
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.16.53.111
104.18.70.113
104.18.72.113
13.32.27.29
15.197.142.173
18.165.183.49
18.165.183.59
18.165.183.77
18.165.183.85
18.66.97.10
2001:4860:4802:34::36
23.96.124.156
2606:4700:10::6816:36f6
2606:4700:20::ac43:44d6
2606:4700:20::ac43:47bf
2606:4700:4400::6812:22d6
2606:4700:4400::6812:26d8
2606:4700:4400::ac40:96ba
2606:4700::6810:a0d
2620:1ec:46::63
2620:1ec:c11::200
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
35.244.189.201
54.72.167.172
54.77.178.119
68.219.88.97
12a1c391b024696bc0b6bb42a09244473a8bdbac1843d3565dee88ea4828a851
16e539f8d1578125d3d917e412a8212797df701de3ea8d408b0bce89a9c3c583
170be8230b71c7276d7f1b8ae46638f893216bb2dc3f9cb4d7320e88fa558dd0
17a1bac4866f66f5558b10d222da390574d96f91008c25c9daad036fa0819159
185cbef3893c99d0acfbc4d517b2c73a5835b61abd93afc1b33fe1513cfe3b01
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e275233f0f84a32ea896d492e49d4fe531231534d409427739fdd2257c04c6c
1ea241ba80ff51d92cd71bc2249e5f65264a0e1457caa25519743390def002f2
2c0922a6fe5b42a79a140974f4dd300efcb4e6ce1b82bb50384a912f5871b701
301440ab7282266fe69fbe3e08ba71a83dd3edfd905d9541eae026cd9c83a404
40a77c47a61e17d7c8edd41de89eb651387c290281eaff781601d75d0fdf8fe2
44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5910a61f2a9c0e2b887fd6002830b106e65e6179e302f04474de8a84b375f1c4
59e1aa5579818a1fa07a06ccac58512ad354c2ff2675534ffc40b46eeb172fc5
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7
6034efeed2b984cb0e213e03082b9fc08c8a42620521b4daf1a584bdd6d431c8
65a56e83d9960645d4a9302e7325abe4b2295a67926798b689dd51f5dd845e89
66c4ae3db356f8fafcc14884e1350c11a1f648a337d14509952bf245e6477e6d
782eeaa7f1915f6783146f8180751785584f0f24bd4e503165c7fc4a597da600
7991e7133693964441436d809dfc37797b649558fa2ee7e344554a5d2367cff4
7ada1b00c12bc3aa520e14930e645183e8a730a36e89ad6175b5e88399584d25
815459532783cb36ebe98b7980ad54da494071d7015ba4154a8da5a33a332069
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869af33711821205fc5a560682917eb2dec002876acab3a9352c0caeac53f779
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
8e192b5d0f03dd35a219f99eada1af9f6f1469f75626781644e954fdc2473762
8ed2f77ad9cd80de213140c6173850fe5426cc004e5b3b03a3a51c057e798e47
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1
9286eab13757c0cfb9923b8398c072a2cb083bc9f061a024a9be5ad70c72d5bf
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a44559b51ee302d5214deb36e174113d22ee006b267519c0c594805ea6ad392
9eb2425a645c89080e86ec7c4780dd55e60f0593cf2406eaf857e8a65c7632c9
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a27fdd3b7c3a235696be8a833450941d67aacdd8dd51cf2ef98ff1a325b0b866
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
b7c29e42b6b2e2a567f7d31866555a8be0210817b69da670f100d2ff2f6b6cc1
c4f04eee1b1a9325b0fc10ce072adee02dd4716e9c9b35a1da53acec1d3b21a8
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2dfdc9511fbeaa0701d1f8730f4989313b062ca1b61a2bd8bed8f4f5d654b5d
d3935a45b7144c7662254679b6fce88f330c4350c05e6372b422a036d09e1abc
d600284add4b0582b2952334a16d4a174e0f43dea284c2a6f0cd7a210c3694b5
dbe31bf4a394b481bc6b619cf273ac1ded99eea2a10551066c92538f421af7fb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45927e85ddeba0f12b760e592eb139b653079cc12072dceb66c80d96479bef3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00dfb37b08d5973235b0cd2992ba97215f3352c0f011a8fa40192a9e20f18a9
f330bb54c82eafa2476377b5a38a387980bfc019ebbb9e03ff0f62ef798f4ef9
f91fca8b46119ba4742fa2eb1db9548edb4fe8ebd1f2b5e89aa93545ca1358c7
fa38e781f02a236f6ec2c512b5a6834ba5254fb5532ea39a9ad9fe151f3d8ed7
ffa4d98425c02df7fa66fe73e5f6fcf4cd4a7a5bfd6428f497bb56090f177f15

my.cheddarup.com Open in urlscan Pro 2606:4700:10::6816:36f6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

99 %HTTPS

58 %IPv6

26 Domains

38 Subdomains

35 IPs

5 Countries

3522 kBTransfer

11009 kBSize

36 Cookies

32 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

my.cheddarup.com Open in urlscan Pro
2606:4700:10::6816:36f6 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

99 %
HTTPS

58 %
IPv6

26
Domains

38
Subdomains

35
IPs

5
Countries

3522 kB
Transfer

11009 kB
Size

36
Cookies

99 HTTP transactions
1 data transactions