urlscan.io logo urlscan.io
SecurityTrails logo

cf-cw.store.cffuncw.com Open in urlscan Pro
104.18.28.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cf-cw.store.cffuncw.com/
Effective URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~...
Submission: On October 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 21 domains to perform 111 HTTP transactions. The main IP is 104.18.28.61, located in and belongs to CLOUDFLARENET, US. The main domain is cf-cw.store.cffuncw.com.
TLS certificate: Issued by GTS CA 1P5 on September 21st 2023. Valid for: 3 months.
This is the only time cf-cw.store.cffuncw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.29.61 13335 (CLOUDFLAR...)
1 28 104.18.28.61 13335 (CLOUDFLAR...)
1 1 52.88.79.193 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
5 23.38.98.121 20940 (AKAMAI-ASN1)
4 4 2620:109:c002... 14413 (LINKEDIN)
1 13.107.42.14 8068 (MICROSOFT...)
3 151.101.128.84 54113 (FASTLY)
12 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 151.101.66.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
8 2001:4860:480... 15169 (GOOGLE)
6 2600:1901:0:7... 15169 (GOOGLE)
4 2a03:2880:f08... 32934 (FACEBOOK)
12 2a00:1450:400... 15169 (GOOGLE)
1 108.138.7.60 16509 (AMAZON-02)
11 2a03:2880:f17... 32934 (FACEBOOK)
3 104.18.11.202 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
111 20
1    104.18.29.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cf-cw.store.cffuncw.com
28    104.18.28.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cf-cw.store.cffuncw.com
1    52.88.79.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-79-193.us-west-2.compute.amazonaws.com
accessoar.queue-it.net
6    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a02:26f0:480:5a2::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
2    2a02:26f0:480:f::213:7ecb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
5    23.38.98.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-121.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    2620:109:c002::6cae:a14 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
12    2a02:26f0:480:f::213:7ed2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.rokt.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
8    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
6    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
4    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
12    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    108.138.7.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-60.fra56.r.cloudfront.net
znmmvaov.micpn.com
11    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    104.18.11.202 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.accessocdn.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
29 cffuncw.com
cf-cw.store.cffuncw.com
2 MB
18 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
www.google-analytics.com — Cisco Umbrella Rank: 42
23 KB
12 rokt.com
apps.rokt.com — Cisco Umbrella Rank: 8625
396 KB
11 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
495 B
6 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 947
210 B
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
510 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
www.linkedin.com — Cisco Umbrella Rank: 708
px4.ads.linkedin.com — Cisco Umbrella Rank: 6066
7 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 766
138 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
153 KB
3 accessocdn.com
assets.accessocdn.com — Cisco Umbrella Rank: 137460
68 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 965
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 427
14 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
398 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
71 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 981
7 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 980
21 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 micpn.com
znmmvaov.micpn.com — Cisco Umbrella Rank: 352951
441 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 248
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 456
10 KB
1 queue-it.net
accessoar.queue-it.net — Cisco Umbrella Rank: 147361
852 B
111 21
Domain Requested by
29 cf-cw.store.cffuncw.com 2 redirects cf-cw.store.cffuncw.com
12 www.google-analytics.com www.googletagmanager.com
cf-cw.store.cffuncw.com
www.google-analytics.com
12 apps.rokt.com cf-cw.store.cffuncw.com
apps.rokt.com
11 www.facebook.com
6 sessions.bugsnag.com cf-cw.store.cffuncw.com
6 region1.google-analytics.com www.googletagmanager.com
6 www.googletagmanager.com cf-cw.store.cffuncw.com
www.googletagmanager.com
5 analytics.tiktok.com cf-cw.store.cffuncw.com
analytics.tiktok.com
4 connect.facebook.net cf-cw.store.cffuncw.com
connect.facebook.net
3 assets.accessocdn.com
3 ct.pinterest.com s.pinimg.com
cf-cw.store.cffuncw.com
3 px.ads.linkedin.com 3 redirects
3 bat.bing.com www.googletagmanager.com
bat.bing.com
cf-cw.store.cffuncw.com
2 stats.g.doubleclick.net www.googletagmanager.com
cf-cw.store.cffuncw.com
2 region1.analytics.google.com www.googletagmanager.com
2 snap.licdn.com cf-cw.store.cffuncw.com
snap.licdn.com
2 s.pinimg.com cf-cw.store.cffuncw.com
s.pinimg.com
1 www.google.de
1 znmmvaov.micpn.com cf-cw.store.cffuncw.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com cf-cw.store.cffuncw.com
1 px4.ads.linkedin.com cf-cw.store.cffuncw.com
1 www.linkedin.com 1 redirects
1 accessoar.queue-it.net 1 redirects
111 24

This site contains links to these domains. Also see Links.

Domain
accesso.com
Subject Issuer Validity Valid
store.cffuncw.com
GTS CA 1P5		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
apps.rokt.com
Sectigo ECC Domain Validation Secure Server CA		 2022-12-07 -
2023-12-20		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-04-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-28 -
2023-10-26		 3 months crt.sh
*.micpn.com
Amazon RSA 2048 M01		 2023-03-01 -
2024-02-16		 a year crt.sh
accessocdn.com
Cloudflare Inc ECC CA-3		 2023-03-20 -
2024-03-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Frame ID: 995C709E269610FFBCB2467078AD5615
Requests: 96 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/controller/index.html
Frame ID: AD5CBCEE6920CE861BFFAA36AA76252E
Requests: 4 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Frame ID: A4FDC8035BD3519EF95778E0FC56313F
Requests: 2 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugins/widget/index.html
Frame ID: 3A9E9A6E68C86544323FDF2F53EE747D
Requests: 2 HTTP requests in this frame

Frame: https://apps.rokt.com/wsdk/plugins/dcui/index.html
Frame ID: 111D349EA6D5A679D5647165D8D18A01
Requests: 3 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 8055F2AE2228778AB3CEF1598C1DD502
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Canada's Wonderland

Page URL History Show full URLs

  1. http://cf-cw.store.cffuncw.com/ HTTP 301
    https://cf-cw.store.cffuncw.com/ HTTP 302
    https://accessoar.queue-it.net/?c=accessoar&e=cedarcanadaswonder&ver=v3-javascript-3.6.3&cver=910&man=Cedar... HTTP 302
    https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

111
Requests

99 %
HTTPS

57 %
IPv6

21
Domains

24
Subdomains

20
IPs

4
Countries

3018 kB
Transfer

10393 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cf-cw.store.cffuncw.com/ HTTP 301
    https://cf-cw.store.cffuncw.com/ HTTP 302
    https://accessoar.queue-it.net/?c=accessoar&e=cedarcanadaswonder&ver=v3-javascript-3.6.3&cver=910&man=Cedar%20Fair%20-%20Canada%27s%20Wonderland&t=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F&kupver=cloudflare-1.2.0 HTTP 302
    https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder%7Eq_1e0968f4-1e21-42ed-8860-72cb3307ce3e%7Ets_1697724898%7Ece_true%7Ert_safetynet%7Eh_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3647738%26time%3D1697724719885%26url%3Dhttps%253A%252F%252Fcf-cw.store.cffuncw.com%252F%253Fqueueittoken%253De_cedarcanadaswonder%257Eq_1e0968f4-1e21-42ed-8860-72cb3307ce3e%257Ets_1697724898%257Ece_true%257Ert_safetynet%257Eh_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder%7Eq_1e0968f4-1e21-42ed-8860-72cb3307ce3e%7Ets_1697724898%7Ece_true%7Ert_safetynet%7Eh_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder%7Eq_1e0968f4-1e21-42ed-8860-72cb3307ce3e%7Ets_1697724898%7Ece_true%7Ert_safetynet%7Eh_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&cookiesTest=true&liSync=true&e_ipv6=AQKPHi62Gm1xRQAAAYtIR2cP1doXDQ7WfuF7DgkywskUttBbLoO25kSpf_FcHw7DF853LFBtCRzRdKzp_xX4jjMc7iu9ZA

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cf-cw.store.cffuncw.com/
Redirect Chain
  • http://cf-cw.store.cffuncw.com/
  • https://cf-cw.store.cffuncw.com/
  • https://accessoar.queue-it.net/?c=accessoar&e=cedarcanadaswonder&ver=v3-javascript-3.6.3&cver=910&man=Cedar%20Fair%20-%20Canada%27s%20Wonderland&t=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F&kupver=cl...
  • https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3...
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c14c977f620e76fc6f8774a1328e44039f517233cffdc6a5cc213a976d3658d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET
cache-control
public, max-age=30
cf-cache-status
MISS
cf-ray
81899d0229a25c6e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 14:11:59 GMT
expires
Thu, 19 Oct 2023 14:12:29 GMT
last-modified
Thu, 19 Oct 2023 14:11:59 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache
content-length
0
date
Thu, 19 Oct 2023 14:11:58 GMT
location
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
pragma
no-cache
server
Kestrel
x-robots-tag
noindex
Roboto-Medium.ttf
cf-cw.store.cffuncw.com/fonts/ 		168 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/fonts/Roboto-Medium.ttf
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68

Request headers

Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Origin
https://cf-cw.store.cffuncw.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
etag
"2a020-6065ad1909240-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-sfnt
cache-control
public, max-age=30
cf-ray
81899d062e055c6e-FRA
expires
Thu, 19 Oct 2023 14:12:29 GMT
Roboto-Bold.ttf
cf-cw.store.cffuncw.com/fonts/ 		167 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/fonts/Roboto-Bold.ttf
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

Request headers

Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Origin
https://cf-cw.store.cffuncw.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
etag
"29b08-6065ad1909240-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-sfnt
cache-control
public, max-age=30
cf-ray
81899d062e085c6e-FRA
expires
Thu, 19 Oct 2023 14:12:29 GMT
Roboto-LightItalic.ttf
cf-cw.store.cffuncw.com/fonts/ 		172 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/fonts/Roboto-LightItalic.ttf
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
364a23e13c64937c3fcea3db778628b89379c893849bbade6e5bf83c5f605c6a

Request headers

Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Origin
https://cf-cw.store.cffuncw.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
etag
"2b1e8-6065ad1909240-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-sfnt
cache-control
public, max-age=30
cf-ray
81899d062e0a5c6e-FRA
expires
Thu, 19 Oct 2023 14:12:29 GMT
Roboto-Light.ttf
cf-cw.store.cffuncw.com/fonts/ 		166 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/fonts/Roboto-Light.ttf
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6

Request headers

Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Origin
https://cf-cw.store.cffuncw.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
etag
"299b4-6065ad1909240-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-sfnt
cache-control
public, max-age=30
cf-ray
81899d062e105c6e-FRA
expires
Thu, 19 Oct 2023 14:12:29 GMT
styles-9cfaac7784.css
cf-cw.store.cffuncw.com/styles/ 		682 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/styles/styles-9cfaac7784.css
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a8b3a340d10ff2fe005a67034b47f64646543aab3e3381f85992fa67e2761ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 27 Sep 2023 17:51:59 GMT
server
cloudflare
etag
"aa998-6065ad9132dc0-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
cache-control
public, max-age=30
cf-ray
81899d062e065c6e-FRA
expires
Thu, 19 Oct 2023 14:12:29 GMT
vendor-eab16c380d.js
cf-cw.store.cffuncw.com/scripts/ 		686 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/scripts/vendor-eab16c380d.js
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed84c52446b4eb6726439c8288d4a38b94c334bb4034db33eccd33a4f582455c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:51:59 GMT
server
cloudflare
etag
"ab885-6065ad9132dc0-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
public, max-age=30
cf-ray
81899d062e115c6e-FRA
expires
Thu, 19 Oct 2023 14:12:29 GMT
scripts-2fe2582861.js
cf-cw.store.cffuncw.com/scripts/ 		2 MB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/scripts/scripts-2fe2582861.js
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a3dc746816ccd37dc27c59d97f9b1cd6499095f2717556814f513e3984a939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:51:59 GMT
server
cloudflare
etag
"1ea85d-6065ad9132dc0-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
public, max-age=30
cf-ray
81899d062e125c6e-FRA
expires
Thu, 19 Oct 2023 14:12:29 GMT
gtm.js
www.googletagmanager.com/ 		327 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQHHF39
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
865fa1b2ec84b399ae0d57dd85f137ac6400ce6c0c05a94568f38b4637723ea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99399
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 14:11:59 GMT
gtm.js
www.googletagmanager.com/ 		321 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQMNKZ
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa788ca6337c9d0da60135e53097add8fdc6febb1ae489c7acc7edeb91d2494b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105422
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 14:11:59 GMT
gtm.js
www.googletagmanager.com/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NCJ274C
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4971afab5521aac5653d2bac889f8b72ce6560ccba5c5503fa851a418258b8a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44906
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 14:11:59 GMT
angular-locale_en.js
cf-cw.store.cffuncw.com/node_modules/angular-i18n/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/node_modules/angular-i18n/angular-locale_en.js
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
376d9c85a9e3694fe46f62fcfe11e7dc6c18535170c3375778eaa5c558b8bd4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
"a92-1c5fc537f6900-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
public, max-age=30
accept-ranges
bytes
cf-ray
81899d0a9bb55c6e-FRA
content-length
955
expires
Thu, 19 Oct 2023 14:12:30 GMT
bat.js
bat.bing.com/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQMNKZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 19 Oct 2023 14:11:59 GMT
last-modified
Thu, 12 Oct 2023 17:36:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 56D08A806F55418C836F368FAB56F476 Ref B: FRA31EDGE0513 Ref C: 2023-10-19T14:11:59Z
etag
"808ec9ad32fdd91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12978
core.js
s.pinimg.com/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5a2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
473b7a2bb50a6df274a93a42e8afda72dede8deb663cf10af95ac42cea9ecc94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"9928a24818ebe5caf4dcef81e67e3283"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1736
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4a73e79ac953f25e7800b5ca583552229ce52f3a8c9dad31ee9da427ffa614e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Oct 2023 05:46:58 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=56092
accept-ranges
bytes
content-length
3855
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBDBFVRC77U9CRRSIGK0&lib=ttq
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-121.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
80264ceebbd04197ad35c00d7d842e2cfbf05b467fd2e11ee598d36d7c97cb51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-akamai-request-id
8c972b9a.127f26a
date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-185.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
105,23.38.99.185
server-timing
cdn-cache; desc=MISS, edge; dur=116, origin; dur=8, inner; dur=4
content-length
1318
pragma
no-cache
server
nginx
x-tt-logid
20231019141159C0E215FE8E6233D82729
x-cache-remote
TCP_MISS from a23-220-107-144.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.220.107.144
x-tt-trace-host
01ca5754d83224ad6ee886f811f6500308c55249b23b8794e4b1b18f7c4a4c903c68c1a98cb6438d6b009ea2e2ace83cddcd817d4b5cf6b3159ade643ecfa39aa7aaf97c5c1c988ee3002701986efd2186764eceead55f55822887f319c0387861ee12f8b675b7b7599349dba57709676b
expires
Thu, 19 Oct 2023 14:12:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 15 Oct 2023 08:32:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=31856
accept-ranges
bytes
content-length
3272
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder%7Eq_1e0968f4-1e21-42ed-8860-72cb3307...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3647738%26time%3D1697724719885%26url%3Dhttps%253A%252F%252Fcf-cw.store.cffuncw.co...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder%7Eq_1e0968f4-1e21-42ed-8860-72cb3307...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder%7Eq_1e0968f4-1e21-42ed-8860-72cb330...
0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder%7Eq_1e0968f4-1e21-42ed-8860-72cb3307ce3e%7Ets_1697724898%7Ece_true%7Ert_safetynet%7Eh_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&cookiesTest=true&liSync=true&e_ipv6=AQKPHi62Gm1xRQAAAYtIR2cP1doXDQ7WfuF7DgkywskUttBbLoO25kSpf_FcHw7DF853LFBtCRzRdKzp_xX4jjMc7iu9ZA
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:01 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E98E18FF330A411FAB7909D32D1300DD Ref B: FRAEDGE1905 Ref C: 2023-10-19T14:12:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIElbsrqfH2MvDaVDeiQ==

Redirect headers

Date
Thu, 19 Oct 2023 14:12:00 GMT
Server
Play
X-Li-Pop
prod-lva1-x
LinkedIn-Action
1
X-Li-Fabric
prod-lva1
Location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3647738&time=1697724719885&url=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder%7Eq_1e0968f4-1e21-42ed-8860-72cb3307ce3e%7Ets_1697724898%7Ece_true%7Ert_safetynet%7Eh_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&cookiesTest=true&liSync=true&e_ipv6=AQKPHi62Gm1xRQAAAYtIR2cP1doXDQ7WfuF7DgkywskUttBbLoO25kSpf_FcHw7DF853LFBtCRzRdKzp_xX4jjMc7iu9ZA
X-LI-Proto
http/1.1
Connection
keep-alive
content-length
0
X-LI-UUID
AAYIElbqdnqCqb58go7iNg==
5561082.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5561082.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 19 Oct 2023 14:11:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D5AFED5703E84BA6BF02C82084129FA8 Ref B: FRA31EDGE0513 Ref C: 2023-10-19T14:11:59Z
x-cache
CONFIG_NOCACHE
main.15c91276.js
s.pinimg.com/ct/lib/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.15c91276.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5a2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ee6cff8e2478948c40206d1f61e2eabdc2796efe0d51b270cb96dce8037b75c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"22b382da8bd5bbd651c2ead900859322"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18887
/
ct.pinterest.com/user/ 		562 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612548110172&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1697724719969&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15c91276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
13
x-pinterest-rid
4857652804605193
content-length
385
pin-unauth
dWlkPU1qVTNPV0UzTnpJdFlUZ3dOQzAwWm1FekxXSmlZamd0WWpZNU1qaGhNamRoWmpBMA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cf-cw.store.cffuncw.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
6b5218ade0d05685881b70d3473495bf89d60013
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2612548110172&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2215c91276%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1697724719971
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:00 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
6b5218ade0d05685881b70d3473495bf89d60013
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
x-pinterest-rid
1087264891593074
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MTEyYzFhMzhjMA.js
analytics.tiktok.com/i18n/pixel/static/ 		370 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBDBFVRC77U9CRRSIGK0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-121.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
49b93c833617a437b5b14a4e3ac687b49b6920d126dfd7be76bacf546fe63d78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-akamai-request-id
127f32a
date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231017111604794526A4F77B05B35EA6
vary
Accept-Encoding
x-cache
TCP_HIT from a23-38-99-185.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01a2da27128cba9162beeb5a39e9e09d747cd3ad68e26bcdbef2ae840bb068df32c00e0adda36da84b5ab8d50aedc8fc27ceedcffeefd3c5fad97d6ba437d55997a7f6701f0c8d6b574d75f81a53371ed3871a7ba522ea7e0aabd465229b314adb
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=16
content-length
100910
identify_6291e.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_6291e.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-121.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
92e48936531fc7dd51fa4799d53b25be293b2a198bee7b434d269bb2518d709f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-akamai-request-id
127f392
date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202310171116058A1CAEE1AC1BB40A2898
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-38-99-185.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01a2da27128cba9162beeb5a39e9e09d747cd3ad68e26bcdbef2ae840bb068df32e59c1b0cd4a9a02d4c8b384c9afe476cd9ba1f42475d8e09c7fb861753fc0502d25194bb7814c4de14199ea0e185f63314bd88db5596b315d7a20ee358bacaa1
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=13
content-length
35848
pixel
analytics.tiktok.com/api/v2/ 		0
789 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-121.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cf-cw.store.cffuncw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
8c9744ad.127f3c8
date
Thu, 19 Oct 2023 14:12:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-185.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
131,23.38.99.185
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=41, inner; dur=37
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202310191412006764BFF128BA630AFA60
x-cache-remote
TCP_MISS from a23-220-107-144.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
41,23.220.107.144
x-tt-trace-host
01ca5754d83224ad6ee886f811f6500308c55249b23b8794e4b1b18f7c4a4c903c68c1a98cb6438d6b009ea2e2ace83cddd33389d0ff132a610063021dbe8ec35f18647242b0ab96b00ee5e34eab36fd14adb41d294e158cffb8f67296c2339903af047b45e798f15e07a8e5a5b780d8d5
access-control-allow-headers
Authorization,*
expires
Thu, 19 Oct 2023 14:12:00 GMT
main.html
cf-cw.store.cffuncw.com/views/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/views/main.html?cacheBuster=5.150.0
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/scripts/vendor-eab16c380d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3ddcc179937dc1994bdcbe2ed8b5c60a7c0c39df08bae1e0440fbcf7969953

Request headers

Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
cache-control
public, max-age=30
cf-ray
81899d0f08435c6e-FRA
expires
Thu, 19 Oct 2023 14:12:30 GMT
bootstrap
cf-cw.store.cffuncw.com/static-api/ 		1 MB
169 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/static-api/bootstrap?m=CF-CW
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/scripts/vendor-eab16c380d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0a2ff2a2ba535ab76553eea2c5a95f47fb7f4977ac4fc52890c24d268cf6f172

Request headers

Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:01 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
etag
W/"14dc4e-IKoGHy9yIpGib57xlD9gd0jBnUw"
stale-if-error
3600
vary
Origin, Accept-Encoding
x-powered-by
Express
content-type
application/json; charset=utf-8
cache-control
public, max-age=30
cf-ray
81899d0f08535c6e-FRA
expires
Thu, 19 Oct 2023 14:12:31 GMT
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5561082&tm=gtm002&Ver=2&mid=78bbc727-e384-4c14-8d9f-42beccbd8410&sid=786a75d06e8911ee8eec477b054ecf70&vid=786aa6006e8911ee93805b479531e9ac&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&r=&lt=3316&evt=pageLoad&sv=1&rn=318095
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Oct 2023 14:12:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3E9F4675936A4FCD98ACA1D544EECFF0 Ref B: FRA31EDGE0513 Ref C: 2023-10-19T14:12:00Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
snippet.js
apps.rokt.com/wsdk/integrations/ 		74 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/integrations/snippet.js
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bc51f1facfe610bb41a546cee177338158cc042f8caaf6e7a707759adbb9855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-request-id
3V2ZJQE2HKKP7T5P
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
17990
x-amz-id-2
DVF706bYowU8o/KrruKlydOS+RILARrGTbCS2nLWbZQ87ILjBIBfCVGhwiUNKC+xHX/kgiq2ky0=
last-modified
Thu, 19 Oct 2023 07:43:10 GMT
server
AmazonS3
etag
"2dcf510d0dc5e2d012fb507c856c52fc"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1200, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
act
analytics.tiktok.com/api/v2/pixel/ 		0
790 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTEyYzFhMzhjMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-121.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cf-cw.store.cffuncw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
90a955b1.127f5cb
date
Thu, 19 Oct 2023 14:12:00 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-38-99-185.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
206,23.38.99.185
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=116, inner; dur=93
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202310191412004612189E5D0D27D952F3
x-cache-remote
TCP_MISS from a23-220-107-154.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
116,23.220.107.154
x-tt-trace-host
01ca5754d83224ad6ee886f811f6500308c55249b23b8794e4b1b18f7c4a4c903c533295b2828cfeedb51f2ae7c4cced0c02e5bfd2ee1e0eabb6a39b87bf482c068941728378f859aeb063b3d1ab76b2c0b56e7307ad186daf429a7b12067d7fb154bfeeedcdc1f868b6e23ad03c0b6b95
access-control-allow-headers
Authorization,*
expires
Thu, 19 Oct 2023 14:12:00 GMT
index.html
apps.rokt.com/wsdk/controller/ Frame AD5C 		1 KB
967 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/controller/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c333531565428ab3aa7170652dc2291e2618e1d04270f3a9ec66689b3b6cb9d8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-cw.store.cffuncw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
512
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 14:12:00 GMT
etag
"38d35e268b73bdefe52b6ec742501f28"
last-modified
Thu, 19 Oct 2023 07:43:07 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
BjceQFVz+eTtu287gXSAZJldxEYzgHIAPHRLCXYqSv44FNxnUWGtzUiX/Gwf1+xsx94f9hKj/Yw=
x-amz-request-id
8ZPC5FR5A46BKZ99
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
index.html
apps.rokt.com/wsdk/plugin-runtime/ Frame A4FD 		708 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugin-runtime/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a3c1f9abbf033ab060a440549c76c5bb876addcbbbd765ceb39311a404735f8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-cw.store.cffuncw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
292
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 14:12:00 GMT
etag
"77ebe70faf93c6c2942e48fb968d7fc5"
last-modified
Thu, 19 Oct 2023 07:43:16 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
PhacfP06ZFp3N/+9JdzUfcm9J1RzTDXlayd8SUEOYYZM7q4iBNLNK5yS5lsPlnJtnAZN8MQcX38=
x-amz-request-id
8ZP966RXR429RCT1
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
index.html
apps.rokt.com/wsdk/plugins/widget/ Frame 3A9E 		730 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugins/widget/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6176f7cbfd18bd9139fbd945f0bcf0057cbb7df3e0dce7e09dd25d587387735
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-cw.store.cffuncw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
299
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 14:12:00 GMT
etag
"73953a9872d786c6745abca8465b6012"
last-modified
Wed, 18 Oct 2023 00:18:40 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
c/GiJaBk3icvfWmsS6/urflQZtFfIxQE3SHWYoYrkDT8Q07ospfG82M+JcQAzh7vwmYQVUIeBfo=
x-amz-request-id
FKP5B32JZ2JZ3FWJ
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
index.html
apps.rokt.com/wsdk/plugins/dcui/ Frame 111D 		922 B
819 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugins/dcui/index.html
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/integrations/snippet.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39a980f341f52fff036bb7865b3a163bac7d654e23f7bbb5401165bfbded0afe
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-cw.store.cffuncw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1200, public
content-encoding
br
content-length
366
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 14:12:00 GMT
etag
"0e58f3c3c56bc6ce01a8ef6ed9257edd"
last-modified
Tue, 17 Oct 2023 23:27:50 GMT
server
AmazonS3
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-id-2
y1b9IVT2G0U3899qUNJD/ajx4ndOoxC9Q8bWonMBbXii/hrH3A3VzD+sw6KcXx9WA4EWzeg+gNE=
x-amz-request-id
K0ZFDG7AZ3TGT9C4
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
global-reporter.js
apps.rokt.com/wsdk/reporter/ Frame AD5C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/reporter/global-reporter.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.rokt.com/wsdk/controller/index.html
Origin
https://apps.rokt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-request-id
W7CR832RPMYKA9JR
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
2840
x-amz-id-2
LWarOFWhBD/MV0gFGa4oqWeVTYe5rEdnQ2ibCfEvAx29ynLQhKeM5NbyfPcL/IKuZT3bagHblJY=
last-modified
Sun, 08 Aug 2021 23:10:23 GMT
server
AmazonS3
etag
"1d663c18a8f56b3de25954a30bd3e8c0"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=1200, must-revalidate, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
quic-version
0x00000001
index.3ef995d09bddd725b1d2.js
apps.rokt.com/wsdk/controller/ Frame AD5C 		71 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/controller/index.3ef995d09bddd725b1d2.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d44722c7add9b78f9a2ec526a2147383742af2d3fe52f10bcda709e95370fe
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.rokt.com/wsdk/controller/index.html
Origin
https://apps.rokt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-request-id
W7CM5EFC27SDTABR
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
17067
x-amz-id-2
ZBwqi1qXcBW6sMB+EyRMMDLx6usuToxxvqrTytLo8fMuVVPGNMDQDomgOIsAEXjVK3qPdckB9KM=
last-modified
Thu, 19 Oct 2023 07:43:06 GMT
server
AmazonS3
etag
"76e89b148cb2ded031142f7df9c9e9a0"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, immutable, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
quic-version
0x00000001
index.53c6c8747a3faf39d06e.js
apps.rokt.com/wsdk/plugin-runtime/ Frame A4FD 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugin-runtime/index.53c6c8747a3faf39d06e.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugin-runtime/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8612a24353e26fa6e02685efbd664764782a9a4aac26468b6d1503ce2afda6d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://apps.rokt.com/wsdk/plugin-runtime/index.html
Origin
https://apps.rokt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-request-id
W7CK8P3MG1RPY1GY
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
17290
x-amz-id-2
vA7ZjuEGyO2gV7EVBIhT/crCqxIBH0UPXsXlQceB8720nelsOwlXZVbwNx2NBQTFzWsUR0h6Me4=
last-modified
Thu, 19 Oct 2023 07:43:14 GMT
server
AmazonS3
etag
"f637395c2ed4b13fba3f781cda5d3dd2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, immutable, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
quic-version
0x00000001
index.97ccf627ea1184e920ac.js
apps.rokt.com/wsdk/plugins/widget/modern/ Frame 3A9E 		1 MB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugins/widget/modern/index.97ccf627ea1184e920ac.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugins/widget/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
018958e7894f11d7ddb55fde1ddb4f1caca35a834bf93ee23eae9c450e5847ac
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apps.rokt.com/wsdk/plugins/widget/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-request-id
X2TQRVXGCMMPB6KW
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
247117
x-amz-id-2
MUZOMBmkU7TV60PUwVQQdmlfqKrz4EitfQhNYb9gfwGp6c+Vrvmiym1w2t7YCsTkK7iyHFqKAAM=
last-modified
Wed, 18 Oct 2023 00:18:37 GMT
server
AmazonS3
etag
"45e0244c0a2bf3f617cbe4ed8dd5a8eb"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, immutable, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
quic-version
0x00000001
global-reporter.bbe94967967a42532bc7.js
apps.rokt.com/wsdk/plugins/dcui/ Frame 111D 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugins/dcui/global-reporter.bbe94967967a42532bc7.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugins/dcui/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b8f7eda66a8f99635fe0fc5a42e46cb7cb2af8485f39745c0a7c2cb25393d35
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apps.rokt.com/wsdk/plugins/dcui/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-request-id
F1MCMD28E6XVDXA7
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
2456
x-amz-id-2
6CS/qijaRTjHJaD/HSQkWiZj84mPDBA6SbR0Zd9gkEa8Ju4O6Mt444kutG8+Xw2gjbkiMgmtwEs=
last-modified
Tue, 17 Oct 2023 23:27:43 GMT
server
AmazonS3
etag
"838bdfdaacce8a3f6a6cc0c0d49d88e4"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, immutable, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
quic-version
0x00000001
index.c5194082996943ad4820.js
apps.rokt.com/wsdk/plugins/dcui/ Frame 111D 		336 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/wsdk/plugins/dcui/index.c5194082996943ad4820.js
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/plugins/dcui/index.html
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d47f69aec80af97467876c77c610d21ba417eed660f9627b3fdcc37691ce5a13
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apps.rokt.com/wsdk/plugins/dcui/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
x-amz-request-id
SGP8RS8VNDYVWZFY
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
96332
x-amz-id-2
kqWICPl2Zrt9fUgAIBV39qNl2OzxDSa2ANJEG7Qq3Uppk5jdhengykIFQA0x/xBJ0Xrbf35rQz0=
last-modified
Tue, 17 Oct 2023 23:27:46 GMT
server
AmazonS3
etag
"29b95bc885773c44d2642079fb3758c5"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, immutable, public
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
quic-version
0x00000001
session
apps.rokt.com/v1/ Frame AD5C 		0
26 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apps.rokt.com/v1/session
Requested by
Host: apps.rokt.com
URL: https://apps.rokt.com/wsdk/controller/index.3ef995d09bddd725b1d2.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apps.rokt.com/wsdk/controller/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 14:12:00 GMT
content-security-policy
upgrade-insecure-requests; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
date
Thu, 19 Oct 2023 14:12:00 GMT
x-content-type-options
nosniff
x-rate-limit-limit
1m
x-rate-limit-remaining
49
strict-transport-security
max-age=16070400; includeSubDomains
content-security-policy-report-only
upgrade-insecure-requests; default-src https:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub3a73d6a49d86fde5991bd281e94e712c&dd-evp-origin=content-security-policy&ddsource=csp-report
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
istio-envoy
etag
f5b0ede0-8424-4880-8c7e-ea03aec7b0f7
access-control-expose-headers
ETag
x-rate-limit-reset
2023-10-19T14:13:00.7343393Z
cache-control
max-age=0, no-cache, no-store
x-robots-tag
noindex, nofollow, noimageindex
quic-version
0x00000001
loader.html
cf-cw.store.cffuncw.com/views/ 		271 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/views/loader.html?cacheBuster=5.150.0
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43d5b8e0497b059085c5d35a7de777ee7c3e537b7cb9c256b67b343c44d44aa

Request headers

Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:01 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
cache-control
public, max-age=30
cf-ray
81899d119b3e5c6e-FRA
expires
Thu, 19 Oct 2023 14:12:31 GMT
navigation.html
cf-cw.store.cffuncw.com/views/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/views/navigation.html?cacheBuster=5.150.0
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37b0df6f9759273db66b8a97a78ad39ac0a3bdfadc82eab0686f83b605490e3

Request headers

Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:01 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
cache-control
public, max-age=30
cf-ray
81899d119b405c6e-FRA
expires
Thu, 19 Oct 2023 14:12:31 GMT
modals.html
cf-cw.store.cffuncw.com/views/ 		25 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/views/modals.html?cacheBuster=5.150.0
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fc8aebf9c6ef6a84992c11cca5ac85d9b3e024f8c2360e273038dca0287259

Request headers

Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:01 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
cache-control
public, max-age=30
cf-ray
81899d119b415c6e-FRA
expires
Thu, 19 Oct 2023 14:12:31 GMT
top-bar.html
cf-cw.store.cffuncw.com/views/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/views/top-bar.html?cacheBuster=5.150.0
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f24f9cc8b094625be24524a47517b4602bf6021c4bb451c80b360382164b91

Request headers

Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:01 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
cache-control
public, max-age=30
cf-ray
81899d119b445c6e-FRA
expires
Thu, 19 Oct 2023 14:12:31 GMT
ct.html
ct.pinterest.com/ Frame 8055 		565 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15c91276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://cf-cw.store.cffuncw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 14:12:01 GMT
pinterest-version
6b5218ade0d05685881b70d3473495bf89d60013
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
1421616861657253
nr-1044.min.js
js-agent.newrelic.com/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1044.min.js
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
7HtucEuUII5n9P5t3z5IzYZpz_YC7K5u
content-encoding
br
via
1.1 varnish
date
Thu, 19 Oct 2023 14:12:01 GMT
strict-transport-security
max-age=300
x-amz-request-id
7N5SZBPQWHN6A1NW
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
9269
x-amz-id-2
hw3BYx1mmaUo28nTl7oQlJTHBsriJRYGGJSUGWNqMJaXC4BoYTkxcg4+SLZitk3VJLpOGobt0fE=
x-served-by
cache-fra-eddf8230094-FRA
last-modified
Wed, 18 Oct 2023 20:58:59 GMT
server
AmazonS3
x-timer
S1697724721.144839,VS0,VE0
etag
"6442aaa45ec28f8b2c541026f3c24871"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
383
destination
www.googletagmanager.com/gtag/ 		258 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-XWH5FCZYVQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQHHF39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b41dd3fbabf55898402e5566e7b90c3609786c87af71567dc0bfb7677c0b6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90030
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 14:12:01 GMT
destination
www.googletagmanager.com/gtag/ 		260 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-5J48C1VPD4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQHHF39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a460670b57c248f0bd31003b0a6b712a02447a639d5221933829ae63a56d51a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89809
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 14:12:01 GMT
69d07d279d
bam.nr-data.net/1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/69d07d279d?a=58953986&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=3988&ref=https://cf-cw.store.cffuncw.com/&be=3331&fe=3946&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1697724717168,%22n%22:0,%22f%22:1253,%22dn%22:1253,%22dne%22:1253,%22c%22:1253,%22ce%22:1253,%22rq%22:1253,%22rp%22:1884,%22rpe%22:1885,%22dl%22:1888,%22di%22:3056,%22ds%22:3056,%22de%22:3316,%22dc%22:3941,%22l%22:3941,%22le%22:3948%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1044.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 14:12:01 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
81899d13bb2e9bb3-FRA
Content-Length
2
Vary
Accept-Encoding
Content-Type
text/plain;charset=UTF-8
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XWH5FCZYVQ&gtm=45je3ai0&_p=147867177&cid=1152906860.1697724721&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697724721&sct=1&seg=0&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dt=&en=scroll&_fv=1&_nsi=1&_ss=1&epn.scroll_depth=25
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-XWH5FCZYVQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5J48C1VPD4&gtm=45je3ai0&_p=147867177&cid=1152906860.1697724721&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697724721&sct=1&seg=0&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dt=&en=scroll&_fv=1&_ss=1&epn.scroll_depth=25
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-5J48C1VPD4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5J48C1VPD4&gtm=45je3ai0&_p=147867177&cid=1152906860.1697724721&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1697724721&sct=1&seg=0&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dt=&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-5J48C1VPD4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cf-cw.store.cffuncw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://cf-cw.store.cffuncw.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Oct 2023 14:12:02 GMT
via
1.1 google
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 19 Oct 2023 14:12:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
W1Eq7WCXNgz3T3AlVBk/i1lKVN4evTMwG3avKyDhEnISnf9eKrXrDaNqg58fuirH7RFLsDGGfw3tGWDH7N/6NQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://cf-cw.store.cffuncw.com/
Bugsnag-Sent-At
2023-10-19T14:12:01.933Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
5804d27d4b1cae495fb52da0299df18a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 14:12:02 GMT
via
1.1 google
bugsnag-session-uuid
0b9480af-88e9-47c4-87e5-975e1a51bd3d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
getnewcartid
cf-cw.store.cffuncw.com/api/request/ 		279 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/api/request/getnewcartid
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d0c37c9d48d0f19fdeab2083c9ef737dce73b412566a40a69b5d32d6a26122c3

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
com-accessopassport-client
cedarfair
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
com-accessopassport-app-id
1500
com-accessopassport-language
en
com-accessopassport-merchant-id
2

Response headers

date
Thu, 19 Oct 2023 14:12:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"117-JKAVZob+EUavuHpHdZTvvP1TFuI"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cf-ray
81899d182aa45c6e-FRA
CF-CW.css
cf-cw.store.cffuncw.com/styles/merchant/ 		233 B
276 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/styles/merchant/CF-CW.css
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/scripts/vendor-eab16c380d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1e64c876a5b446179f60f563ded304b4088a985d85440269191f6bbe818a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
etag
"e9-6065ad1909240-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
cache-control
public, max-age=30
accept-ranges
bytes
cf-ray
81899d186ad35c6e-FRA
content-length
148
expires
Thu, 19 Oct 2023 14:12:32 GMT
false
cf-cw.store.cffuncw.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-cw.store.cffuncw.com/false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 19 Oct 2023 14:12:02 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
cache-control
public, max-age=30
cf-ray
81899d187adb5c6e-FRA
expires
Thu, 19 Oct 2023 14:12:32 GMT
sprite-3dd8d0a66b.png
cf-cw.store.cffuncw.com/images/ 		280 KB
280 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-cw.store.cffuncw.com/images/sprite-3dd8d0a66b.png
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/styles/styles-9cfaac7784.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ed6f83c822efaa6dcd29fb16b151ed07844bc60841aba0e5e62b75d0f78599

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/styles/styles-9cfaac7784.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:02 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:50:37 GMT
server
cloudflare
etag
"45ebd-6065ad42ff540"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
cache-control
public, max-age=30
accept-ranges
bytes
cf-ray
81899d187ae55c6e-FRA
content-length
286397
expires
Thu, 19 Oct 2023 14:12:32 GMT
icomoon.ttf
cf-cw.store.cffuncw.com/fonts/accesso/ 		48 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/fonts/accesso/icomoon.ttf
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/styles/styles-9cfaac7784.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4878cb334cc8ea13b543798fbb58ef109b495d63ed37a8e67efbdf12f27c32c5

Request headers

Referer
https://cf-cw.store.cffuncw.com/styles/styles-9cfaac7784.css
Origin
https://cf-cw.store.cffuncw.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:02 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
etag
"c134-6065ad1909240-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-sfnt
cache-control
public, max-age=30
accept-ranges
bytes
cf-ray
81899d187ae85c6e-FRA
content-length
28480
expires
Thu, 19 Oct 2023 14:12:32 GMT
873774289418529
connect.facebook.net/signals/config/ 		132 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/873774289418529?v=2.9.134&r=stable&domain=cf-cw.store.cffuncw.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21cf66c5fc8deff0114acf664da408740c28f1be52701b3aa60e91dd2fa36106
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 19 Oct 2023 14:12:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
1IA/ayZjX3qpHmMzOlR7Ke+CUX/3ormslkZf7oyLjXNzegKxmWvvb6IByI4u3SDHjSYW9lr/2U9U6JaB80yNRg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
337042166973499
connect.facebook.net/signals/config/ 		114 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/337042166973499?v=2.9.134&r=stable&domain=cf-cw.store.cffuncw.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fb3b47b1c4ee3593233e0c71a8129481a459632e0648c506d5ffd4e19d117156
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 19 Oct 2023 14:12:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
SkJZsfDxEqU4+C0Xf4Jk9t+Q0Yxl7uxpgVNpXXfLs0M2ItQlu/fS5x8EvCtD44ZkgqpsJquT4IXHWHN1ULfIPQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1680224778943205
connect.facebook.net/signals/config/ 		132 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1680224778943205?v=2.9.134&r=stable&domain=cf-cw.store.cffuncw.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08e289860088135ec028866808afbe6af4d10df6a7fda65b654d72a4435d272d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 19 Oct 2023 14:12:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
DbhOAdEkaQDLbjH8oHhWHMjG24OFH/HY/A4EdykFf+v4pp0GlJRO4g6XJI7WH8KsftM0m81VYr4afqNGpBPcPA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
getcartsummary
cf-cw.store.cffuncw.com/api/request/ 		285 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/api/request/getcartsummary
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bc0cb5bf77d72ff50c484057114a0b8173c20c5165eaf3c5c91cfd7cc77b5611

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
com-accessopassport-client
cedarfair
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
com-accessopassport-app-id
1500
com-accessopassport-language
en
com-accessopassport-merchant-id
2

Response headers

date
Thu, 19 Oct 2023 14:12:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"11d-6C8oBEA0BTliHHfn3499XKa6FvM"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cf-ray
81899d1b2dc25c6e-FRA
getpackageswaps
cf-cw.store.cffuncw.com/api/request/ 		218 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/api/request/getpackageswaps
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a83ce54296bf9bf4d344cc22ee5e81a41dcc87f1741deb0c28c8ba117df68a98

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
com-accessopassport-client
cedarfair
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
com-accessopassport-app-id
1500
com-accessopassport-language
en
com-accessopassport-merchant-id
2

Response headers

date
Thu, 19 Oct 2023 14:12:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"da-rZUST4p0vrFNMdlVli5VvVGLXDg"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cf-ray
81899d1c7f025c6e-FRA
te2-service.js
cf-cw.store.cffuncw.com/scripts/modules/te2/services/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/scripts/modules/te2/services/te2-service.js?cacheBuster=5.150.0
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/scripts/vendor-eab16c380d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a03e29e2a4cb498c8c6df4e0b5c43e87d5a49360c6d3fba219a8ccb7988d2f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
etag
"11c3-6065ad1909240-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
public, max-age=30
accept-ranges
bytes
cf-ray
81899d1da83a5c6e-FRA
content-length
1871
expires
Thu, 19 Oct 2023 14:12:33 GMT
te2-generic-modal-controller.js
cf-cw.store.cffuncw.com/scripts/modules/te2/modules/te2-generic-modal/controllers/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/scripts/modules/te2/modules/te2-generic-modal/controllers/te2-generic-modal-controller.js?cacheBuster=5.150.0
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/scripts/vendor-eab16c380d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c4206ac831d6c006f8b9c4f3bfcc4b014aac3a3bc943a28865dd36cf2bbc42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:03 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
etag
"893-6065ad1909240-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
public, max-age=30
accept-ranges
bytes
cf-ray
81899d1da83d5c6e-FRA
content-length
934
expires
Thu, 19 Oct 2023 14:12:33 GMT
packageList.html
cf-cw.store.cffuncw.com/views/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/views/packageList.html?cacheBuster=5.150.0
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500dcc50b529cbade12716fb987052275972f50eb0c867b853981bb813ba1626

Request headers

Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:03 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
cache-control
public, max-age=30
cf-ray
81899d203acf5c6e-FRA
expires
Thu, 19 Oct 2023 14:12:33 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://cf-cw.store.cffuncw.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Oct 2023 14:12:03 GMT
via
1.1 google
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQHHF39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 13:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1230
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 19 Oct 2023 15:51:33 GMT
1.js
znmmvaov.micpn.com/p/js/ 		16 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://znmmvaov.micpn.com/p/js/1.js
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-60.fra56.r.cloudfront.net
Software
/
Resource Hash
e2b3dc368d5b2afed44db0f7a9bda8cccdba3f25a7feedd6647051086554505d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:10:36 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
87
x-cache
Hit from cloudfront
p3p
policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
content-type
text/javascript
cache-control
no-cache max-age=0
content-length
16
x-amz-cf-id
I6Vd0bvqZrBAo3iynbz62ZSzm-v7ZzwqypWOBM3krW-4v5_c25T_cQ==
x-uuid
2a2e37ea-8eaa-455f-aea9-76548a5e4ed5
expires
Thu, 01 Dec 1994 16:00:00 GMT
js
www.googletagmanager.com/gtag/ 		269 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CP48B3C9LZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQMNKZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ace9d9a5335575e4c90d2652fa3a19fa089a9033af8c8fb1090076d04c563b48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91748
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 14:12:03 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5J48C1VPD4&gtm=45je3ai0&_p=147867177&cid=1152906860.1697724721&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=3&sid=1697724721&sct=1&seg=0&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dt=&en=scroll&epn.percent_scrolled=90&_et=32
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-5J48C1VPD4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sessions.bugsnag.com/ 		21 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://cf-cw.store.cffuncw.com/
Bugsnag-Sent-At
2023-10-19T14:12:03.702Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
5804d27d4b1cae495fb52da0299df18a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 14:12:03 GMT
via
1.1 google
bugsnag-session-uuid
eccce467-3d0d-49cb-a307-8d093de4c9a9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://cf-cw.store.cffuncw.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Oct 2023 14:12:03 GMT
via
1.1 google
warning-place-holder.png
cf-cw.store.cffuncw.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-cw.store.cffuncw.com/images/warning-place-holder.png
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/styles/styles-9cfaac7784.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7f1b97ed7e6ef1045043cee9d3b64c41dfd86350ab1cc5e9c27184ea8989e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/styles/styles-9cfaac7784.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:04 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
etag
"c4e-6065ad1909240"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
cache-control
public, max-age=30
accept-ranges
bytes
cf-ray
81899d232def5c6e-FRA
content-length
3150
expires
Thu, 19 Oct 2023 14:12:34 GMT
/
sessions.bugsnag.com/ 		21 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://cf-cw.store.cffuncw.com/
Bugsnag-Sent-At
2023-10-19T14:12:03.729Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
5804d27d4b1cae495fb52da0299df18a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 14:12:03 GMT
via
1.1 google
bugsnag-session-uuid
f345132e-081e-4a2e-a1b4-ab5450204281
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
package-comparison.html
cf-cw.store.cffuncw.com/scripts/modules/package-comparison/views/ 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-cw.store.cffuncw.com/scripts/modules/package-comparison/views/package-comparison.html?cacheBuster=5.150.0
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229c469248ec24ad50ad5ad06734f052c2d79d9cf43066cd27d42463b4599615

Request headers

Accept
application/json, text/plain, */*
Referer
https://cf-cw.store.cffuncw.com/packageComparison/FallSeasonPasses?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:04 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 27 Sep 2023 17:49:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
cache-control
public, max-age=30
cf-ray
81899d237e515c6e-FRA
expires
Thu, 19 Oct 2023 14:12:34 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=873774289418529&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&rl=&if=false&ts=1697724723660&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697724723656.1558401899&ler=empty&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=337042166973499&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com&rl=&if=false&ts=1697724723664&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=28&fbp=fb.1.1697724723656.1558401899&ler=empty&pm=1&hrl=ffd7f5&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=5449203381841562&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1680224778943205&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&rl=&if=false&ts=1697724723665&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697724723656.1558401899&ler=empty&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=337042166973499&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com&rl=&if=false&ts=1697724723668&sw=1600&sh=1200&v=2.9.134&r=stable&ec=1&o=28&fbp=fb.1.1697724723656.1558401899&ler=empty&pm=1&hrl=ffd7f5&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&cs_cc=1&cas=5449203381841562&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1680224778943205&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&rl=&if=false&ts=1697724723683&sw=1600&sh=1200&v=2.9.134&r=stable&ec=1&o=30&fbp=fb.1.1697724723656.1558401899&ler=empty&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
canadas_wonderland_logo2.png
assets.accessocdn.com/assets/cedarfair/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.accessocdn.com/assets/cedarfair/images/canadas_wonderland_logo2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad173040e86e62fe8e641277c56c583e58839bb59edc31959bce1c7fa586ffc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:04 GMT
cf-cache-status
MISS
last-modified
Wed, 24 Apr 2019 17:10:26 GMT
server
cloudflare
x-amz-request-id
95HKW8SS32GR789B
etag
"6e03a88913edd76f889b898ea7e10218"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81899d240b891919-FRA
content-length
5426
x-amz-id-2
A687muD1acNeFUU26FewybSp9tIvn7rqRYPSy4EAbcwMGhSdLWtmSjMbcfBPFf0lAMZgG7k8NDI=
expires
Fri, 18 Oct 2024 14:12:04 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=873774289418529&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageList%2Fkeyword%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&rl=&if=false&ts=1697724723714&sw=1600&sh=1200&v=2.9.134&r=stable&ec=1&o=30&fbp=fb.1.1697724723656.1558401899&ler=empty&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=337042166973499&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com&rl=&if=false&ts=1697724723716&sw=1600&sh=1200&v=2.9.134&r=stable&ec=2&o=28&fbp=fb.1.1697724723656.1558401899&ler=empty&pm=1&hrl=d4e54f&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=5449203381841562&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1680224778943205&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageList%2Fkeyword%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&rl=&if=false&ts=1697724723717&sw=1600&sh=1200&v=2.9.134&r=stable&ec=2&o=30&fbp=fb.1.1697724723656.1558401899&ler=empty&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=873774289418529&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&rl=&if=false&ts=1697724723733&sw=1600&sh=1200&v=2.9.134&r=stable&ec=2&o=30&fbp=fb.1.1697724723656.1558401899&ler=empty&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=337042166973499&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com&rl=&if=false&ts=1697724723735&sw=1600&sh=1200&v=2.9.134&r=stable&ec=3&o=28&fbp=fb.1.1697724723656.1558401899&ler=empty&pm=1&hrl=ac7947&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&cs_cc=1&cas=5449203381841562&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1680224778943205&ev=PageView&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&rl=&if=false&ts=1697724723735&sw=1600&sh=1200&v=2.9.134&r=stable&ec=3&o=30&fbp=fb.1.1697724723656.1558401899&ler=empty&it=1697724722056&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 14:12:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		3 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=147867177&t=pageview&cu=CAD&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dp=%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland%20-%20Package%20List&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAIi~&cid=1152906860.1697724721&tid=UA-104387729-4&_gid=262684499.1697724724&_slc=1&gtm=45He3ai0n81MQHHF39&cd1=Cedar%20Fair&cd2=Canada%27s%20Wonderland&cd3=Passport%20eCommerce&cd4=Cedar%20Fair&cd5=Canada%27s%20Wonderland&cd6=Passport%20eCommerce&cd7=Theme%20Park&z=947254620
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-cw.store.cffuncw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=147867177&t=pageview&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland%20-%20Package%20List&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAIi~&jid=1036114169&gjid=1088744419&cid=1152906860.1697724721&tid=UA-90309201-5&_gid=262684499.1697724724&_r=1&_slc=1&gtm=45He3ai0n71MQMNKZ&z=991210165
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-cw.store.cffuncw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CP48B3C9LZ&gtm=45je3ai0&_p=147867177&_gaz=1&cid=1152906860.1697724721&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1697724723&sct=1&seg=0&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dt=Canada%27s%20Wonderland%20-%20Package%20List&en=page_view&_fv=1&_ss=1&ep.allowLinker=true&ep.anonymizeIp=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CP48B3C9LZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CP48B3C9LZ&cid=1152906860.1697724721&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CP48B3C9LZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CP48B3C9LZ&cid=1152906860.1697724721&gtm=45je3ai0&aip=1&z=1544112792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-90309201-5&cid=1152906860.1697724721&jid=1036114169&gjid=1088744419&_gid=262684499.1697724724&_u=YCDACUABBAAAACAAIi~&z=1071651205
Requested by
Host: cf-cw.store.cffuncw.com
URL: https://cf-cw.store.cffuncw.com/?queueittoken=e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cf-cw.store.cffuncw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 19 Oct 2023 14:12:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 13:21:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
3055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 19 Oct 2023 14:21:09 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CP48B3C9LZ&gtm=45je3ai0&_p=147867177&cid=1152906860.1697724721&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1697724723&sct=1&seg=0&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dt=Canada%27s%20Wonderland%20-%20Package%20List&en=scroll&ep.allowLinker=true&ep.anonymizeIp=true&epn.percent_scrolled=90&_et=10
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CP48B3C9LZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cw_sp_upsell.png
assets.accessocdn.com/assets/cedarfair/images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.accessocdn.com/assets/cedarfair/images/cw_sp_upsell.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6582c3caac40d04f76daa8f688f1854ae418b8abd33fc1ae11cf21c462c2da5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:04 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Jul 2022 14:39:55 GMT
server
cloudflare
x-amz-request-id
95HZQW08VYWCRHJ8
etag
"dd32908888f16b637b4c5c13eb1f38dd"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81899d27884f1919-FRA
content-length
39973
x-amz-id-2
3otlkfzDauLktfMsWIQ4vCj9Dn3AIHk66LX9FY2sN5VDeNJcjvf8DIw+DS/+yDe6YLhPFhIWlf+MTiFe3Dq/btxxrHHPKZfxxXodSvMEItM=
expires
Fri, 18 Oct 2024 14:12:04 GMT
cw_SPbackground_new.jpg
assets.accessocdn.com/assets/cedarfair/images/RecommenderWizardImages/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.accessocdn.com/assets/cedarfair/images/RecommenderWizardImages/cw_SPbackground_new.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66ef757f6502b509e5d89a8993dcb426c618062c519ced951d14fdf9b7aed0c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:12:04 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Jan 2020 13:27:49 GMT
server
cloudflare
x-amz-request-id
95HHJRJTAHBAX25H
etag
"7254e6239e84f9ea35b7bc488b61daf0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81899d2788511919-FRA
content-length
23497
x-amz-id-2
5KF4bynNDHbc8S+Lfo8DSbIIR0RAcE9Gw+RYlooXB55neTIEVtL/+YP41HZ5mzbE9iAbQhZNU9uoGB6x4437Mlu/wIBf6MsS0qFbJ4fUhj0=
expires
Fri, 18 Oct 2024 14:12:04 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=147867177&t=event&ni=0&cu=CAD&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dp=%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20Impression&_u=aCHACUALBAAAACAMIi~&cid=1152906860.1697724721&tid=UA-104387729-4&_gid=262684499.1697724724&gtm=45He3ai0n81MQHHF39&cd1=Cedar%20Fair&cd2=Canada%27s%20Wonderland&cd3=Passport%20eCommerce&cd4=Cedar%20Fair&cd5=Canada%27s%20Wonderland&cd6=Passport%20eCommerce&cd7=Theme%20Park&il1nm=Package%20Comparison&il1pi1nm=2024%20SEASON%20PASS&il1pi1id=10075067&il1pi1br=CF-CW&il1pi1ca=Season%20Pass%20-%20New&il1pi1ps=0&il1pi2nm=2024%20GOLD%20PASS&il1pi2id=10075068&il1pi2br=CF-CW&il1pi2ca=Season%20Pass%20-%20New&il1pi2ps=1&il1pi3nm=2024%20PRESTIGE%20PASS&il1pi3id=10075069&il1pi3br=CF-CW&il1pi3ca=Season%20Pass%20-%20New&il1pi3ps=2&z=1292144382
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=147867177&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20Impression&_u=aCHACUALBAAAACAMIi~&jid=&gjid=&cid=1152906860.1697724721&tid=UA-90309201-5&_gid=262684499.1697724724&gtm=45He3ai0n71MQMNKZ&il1nm=Package%20Comparison&il1pi1nm=2024%20SEASON%20PASS&il1pi1id=10075067&il1pi1br=CF-CW&il1pi1ca=Season%20Pass%20-%20New&il1pi1ps=0&il1pi2nm=2024%20GOLD%20PASS&il1pi2id=10075068&il1pi2br=CF-CW&il1pi2ca=Season%20Pass%20-%20New&il1pi2ps=1&il1pi3nm=2024%20PRESTIGE%20PASS&il1pi3id=10075069&il1pi3br=CF-CW&il1pi3ca=Season%20Pass%20-%20New&il1pi3ps=2&z=1486713811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=147867177&t=event&ni=0&cu=CAD&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dp=%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20Details&_u=aCHACUALBAAAACAMIi~&cid=1152906860.1697724721&tid=UA-104387729-4&_gid=262684499.1697724724&gtm=45He3ai0n81MQHHF39&cd1=Cedar%20Fair&cd2=Canada%27s%20Wonderland&cd3=Passport%20eCommerce&cd4=Cedar%20Fair&cd5=Canada%27s%20Wonderland&cd6=Passport%20eCommerce&cd7=Theme%20Park&pal=Package%20Comparison&pa=detail&pr1id=10075067&pr1nm=2024%20SEASON%20PASS&pr1ca=Season%20Pass%20-%20New&pr1br=CF-CW&z=1282486562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=147867177&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20Details&_u=aCHACUALBAAAACAMIi~&jid=&gjid=&cid=1152906860.1697724721&tid=UA-90309201-5&_gid=262684499.1697724724&gtm=45He3ai0n71MQMNKZ&pal=Package%20Comparison&pa=detail&pr1id=10075067&pr1nm=2024%20SEASON%20PASS&pr1ca=Season%20Pass%20-%20New&pr1br=CF-CW&z=1606817519
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=147867177&t=event&ni=0&cu=CAD&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dp=%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20Details&_u=aCHACUALBAAAACAMIi~&cid=1152906860.1697724721&tid=UA-104387729-4&_gid=262684499.1697724724&gtm=45He3ai0n81MQHHF39&cd1=Cedar%20Fair&cd2=Canada%27s%20Wonderland&cd3=Passport%20eCommerce&cd4=Cedar%20Fair&cd5=Canada%27s%20Wonderland&cd6=Passport%20eCommerce&cd7=Theme%20Park&pal=Package%20Comparison&pa=detail&pr1id=10075068&pr1nm=2024%20GOLD%20PASS&pr1ca=Season%20Pass%20-%20New&pr1br=CF-CW&z=923511412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=147867177&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20Details&_u=aCHACUALBAAAACAMIi~&jid=&gjid=&cid=1152906860.1697724721&tid=UA-90309201-5&_gid=262684499.1697724724&gtm=45He3ai0n71MQMNKZ&pal=Package%20Comparison&pa=detail&pr1id=10075068&pr1nm=2024%20GOLD%20PASS&pr1ca=Season%20Pass%20-%20New&pr1br=CF-CW&z=379083529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=147867177&t=event&ni=0&cu=CAD&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dp=%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20Details&_u=aCHACUALBAAAACAMIi~&cid=1152906860.1697724721&tid=UA-104387729-4&_gid=262684499.1697724724&gtm=45He3ai0n81MQHHF39&cd1=Cedar%20Fair&cd2=Canada%27s%20Wonderland&cd3=Passport%20eCommerce&cd4=Cedar%20Fair&cd5=Canada%27s%20Wonderland&cd6=Passport%20eCommerce&cd7=Theme%20Park&pal=Package%20Comparison&pa=detail&pr1id=10075069&pr1nm=2024%20PRESTIGE%20PASS&pr1ca=Season%20Pass%20-%20New&pr1br=CF-CW&z=1758140928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=147867177&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&ul=en-us&de=UTF-8&dt=Canada%27s%20Wonderland&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20Details&_u=aCHACUALBAAAACAMIi~&jid=&gjid=&cid=1152906860.1697724721&tid=UA-90309201-5&_gid=262684499.1697724724&gtm=45He3ai0n71MQMNKZ&pal=Package%20Comparison&pa=detail&pr1id=10075069&pr1nm=2024%20PRESTIGE%20PASS&pr1ca=Season%20Pass%20-%20New&pr1br=CF-CW&z=845056465
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf-cw.store.cffuncw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 10:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11928
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5J48C1VPD4&gtm=45je3ai0&_p=147867177&cid=1152906860.1697724721&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dp=%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&cu=CAD&sid=1697724721&sct=1&seg=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2FpackageComparison%2FFallSeasonPasses%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dt=Canada%27s%20Wonderland%20-%20Package%20List&_s=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-5J48C1VPD4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cf-cw.store.cffuncw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XWH5FCZYVQ&gtm=45je3ai0&_p=147867177&cid=1152906860.1697724721&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1697724721&sct=1&seg=1&dl=https%3A%2F%2Fcf-cw.store.cffuncw.com%2F%3Fqueueittoken%3De_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21&dt=Canada%27s%20Wonderland%20-%20Package%20List&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-XWH5FCZYVQ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cf-cw.store.cffuncw.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:12:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cf-cw.store.cffuncw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| accesso boolean| ie8 string| version string| accessoDeviceInfo string| accessoShoplandVersion object| dataLayer object| tv4 function| bugsnag object| angular object| @uirouter/angularjs object| @uirouter/angularjs-state-events object| @uirouter/angularjs-resolve-service function| UAParser function| loadImage string| accessoAPIHost string| accessoLanguage object| google_tag_manager object| google_tag_data function| postscribe object| google_tag_manager_external function| pintrk string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk string| TiktokAnalyticsObject object| ttq object| process boolean| _already_called_lintrk function| UET function| UET_init function| UET_push object| ueto_02bd801bd3 object| uetq object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| CountingSemaphore function| appConfig function| routingConfig function| uiSpinner function| JSONValidator function| alphabeticalByLocale function| getIntlCollator function| PackageListCtrl function| ShippingCtrl function| InterstitialOptinController function| InterstitialService object| ShoplandInitSemaphore number| ng339 object| _agreementData object| _cartFormData object| _customFormAgreementData boolean| ___receiptClickAdded string| _ROKT_ object| rokt object| NREUM object| newrelic function| __nr_require function| onYouTubeIframeAPIReady object| __rokt-launcher__ object| gaGlobal object| _links object| _optins object| _securityProvider object| _menuItems object| _menu boolean| _isactive object| _AccessoMapper function| fbq function| _fbq object| meta object| loadingEllipseTimer object| promoCodes string| GoogleAnalyticsObject function| ga string| MovableInkTrack function| mitr function| forceInt object| gaplugins object| gaData object| GTM_UTILS

33 Cookies

Domain/Path Name / Value
accessoar.queue-it.net/ Name: Queue-it-token
Value: e_cedarcanadaswonder~q_1e0968f4-1e21-42ed-8860-72cb3307ce3e~ts_1697724898~ce_true~rt_safetynet~h_80dee20653c0b7897f515dde07f99a56261674312ae0c3299f8bd3c57b8c6a21
accessoar.queue-it.net/ Name: Queue-it-1e0968f4-1e21-42ed-8860-72cb3307ce3e
Value: WasRedirected=false&i=638333215183342364
.queue-it.net/ Name: Queue-it
Value: u=c285c079-4a08-4619-b436-45cffe60edc0
.cffuncw.com/ Name: _gcl_au
Value: 1.1.2076408403.1697724720
.tiktok.com/ Name: _ttp
Value: 2Wz9osFGWtR1EadtaHRCaRhAFIF
.pinterest.com/ Name: ar_debug
Value: 1
.cf-cw.store.cffuncw.com/ Name: _pin_unauth
Value: dWlkPU1qVTNPV0UzTnpJdFlUZ3dOQzAwWm1FekxXSmlZamd0WWpZNU1qaGhNamRoWmpBMA
.cffuncw.com/ Name: _tt_enable_cookie
Value: 1
.cffuncw.com/ Name: _ttp
Value: fdzEZ7J5nPT1YuFfgtsv8HJeAhe
.linkedin.com/ Name: li_sugr
Value: 9117d433-2abc-4e9f-9bd6-e4762f567817
.linkedin.com/ Name: bcookie
Value: "v=2&3c0d4b36-7dc8-4482-848d-e3567aa19a61"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2774:u=1:x=1:i=1697724720:t=1697811120:v=2:sig=AQHfJHW8HNBU13I-TcajAc14X-4rx-nz"
.linkedin.com/ Name: UserMatchHistory
Value: AQK5Zq3PPrjeAwAAAYtIR2SVMKgbhBB0DV_L35FdptWhB_xpxE6H9gEjnAPGwq_mtsj4Rw8icNnCBQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJg1jdvq9uljgAAAYtIR2SVDHmWbjjn-kz_Nr5ewzBXuWCwP0TLz1htBJXw7KGwb3lLPkAksnVjKFNOlGzIEQ
.cffuncw.com/ Name: _uetsid
Value: 786a75d06e8911ee8eec477b054ecf70
.cffuncw.com/ Name: _uetvid
Value: 786aa6006e8911ee93805b479531e9ac
.bing.com/ Name: MUID
Value: 236EA2B3B68363971CA2B11CB70862E4
cf-cw.store.cffuncw.com/ Name: RoktRecogniser
Value: 0f5ea005-d30a-4444-b085-aecbbf3c183e
apps.rokt.com/ Name: akaalb_Instance-1
Value: ~op=Prod_Widget_API_Experiences:Prod-API-EU-West-1|Prod_WSDK_S3:Prod-SDK-S3|~rv=38~m=Prod-API-EU-West-1:0|Prod-SDK-S3:0|~os=141f223fa3e939d66e4926adb7c49b34~id=bd47c0cf7659eb121aa83cdaa1899138
.www.linkedin.com/ Name: bscookie
Value: "v=1&2023101914120026ac2d27-43e6-4d3b-8b59-25304b75183cAQEdg86daycWyzkMRQr5PXfko0z3FoF0"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTc3MjQ3MjA7MjswMjHPczG4wXFhgFtdBtIfchcmManbvIdKzok4OHxfl16TTQ==
cf-cw.store.cffuncw.com/ Name: AWSALB
Value: yOIKHtldggNDXdYgSF+p+x2JlguoKYgypRF4tF0p8WoL2cmuMwbi11RJG8CrFA39AqT1HBKocGNoE8Q2XA3Do6I479GHV5YKJVZ7ApUBjcje4n8WPz00xfJ+zXUm
cf-cw.store.cffuncw.com/ Name: AWSALBCORS
Value: yOIKHtldggNDXdYgSF+p+x2JlguoKYgypRF4tF0p8WoL2cmuMwbi11RJG8CrFA39AqT1HBKocGNoE8Q2XA3Do6I479GHV5YKJVZ7ApUBjcje4n8WPz00xfJ+zXUm
.cffuncw.com/ Name: _fbp
Value: fb.1.1697724723656.1558401899
.cffuncw.com/ Name: _gid
Value: GA1.2.262684499.1697724724
.cf-cw.store.cffuncw.com/ Name: _ga
Value: GA1.4.1152906860.1697724721
.cf-cw.store.cffuncw.com/ Name: _gid
Value: GA1.4.262684499.1697724724
.cf-cw.store.cffuncw.com/ Name: _gat_UA-90309201-5
Value: 1
.cffuncw.com/ Name: _ga
Value: GA1.2.1152906860.1697724721
.cffuncw.com/ Name: gtmNamespaceDeclared
Value: true
.cffuncw.com/ Name: _ga_XWH5FCZYVQ
Value: GS1.1.1697724721.1.1.1697724724.0.0.0
.cffuncw.com/ Name: _ga_CP48B3C9LZ
Value: GS1.1.1697724723.1.0.1697724724.59.0.0
.cffuncw.com/ Name: _ga_5J48C1VPD4
Value: GS1.1.1697724721.1.1.1697724724.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://bam.nr-data.net/1/69d07d279d?a=58953986&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=3988&ref=https://cf-cw.store.cffuncw.com/&be=3331&fe=3946&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1697724717168,%22n%22:0,%22f%22:1253,%22dn%22:1253,%22dne%22:1253,%22c%22:1253,%22ce%22:1253,%22rq%22:1253,%22rp%22:1884,%22rpe%22:1885,%22dl%22:1888,%22di%22:3056,%22ds%22:3056,%22de%22:3316,%22dc%22:3941,%22l%22:3941,%22le%22:3948%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Message:
Failed to load resource: the server responded with a status of 402 (Payment Required)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessoar.queue-it.net
analytics.tiktok.com
apps.rokt.com
assets.accessocdn.com
bam.nr-data.net
bat.bing.com
cf-cw.store.cffuncw.com
connect.facebook.net
ct.pinterest.com
js-agent.newrelic.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s.pinimg.com
sessions.bugsnag.com
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.linkedin.com
znmmvaov.micpn.com
104.18.11.202
104.18.28.61
104.18.29.61
108.138.7.60
13.107.42.14
151.101.128.84
151.101.66.137
162.247.241.14
2001:4860:4802:32::36
23.38.98.121
2600:1901:0:7a0b::
2620:109:c002::6cae:a14
2620:1ec:c11::200
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9a
2a02:26f0:480:5a2::1931
2a02:26f0:480:f::213:7ecb
2a02:26f0:480:f::213:7ed2
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
52.88.79.193
018958e7894f11d7ddb55fde1ddb4f1caca35a834bf93ee23eae9c450e5847ac
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
08e289860088135ec028866808afbe6af4d10df6a7fda65b654d72a4435d272d
0a2ff2a2ba535ab76553eea2c5a95f47fb7f4977ac4fc52890c24d268cf6f172
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
1b8f7eda66a8f99635fe0fc5a42e46cb7cb2af8485f39745c0a7c2cb25393d35
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20ed6f83c822efaa6dcd29fb16b151ed07844bc60841aba0e5e62b75d0f78599
21cf66c5fc8deff0114acf664da408740c28f1be52701b3aa60e91dd2fa36106
229c469248ec24ad50ad5ad06734f052c2d79d9cf43066cd27d42463b4599615
2a8b3a340d10ff2fe005a67034b47f64646543aab3e3381f85992fa67e2761ab
364a23e13c64937c3fcea3db778628b89379c893849bbade6e5bf83c5f605c6a
376d9c85a9e3694fe46f62fcfe11e7dc6c18535170c3375778eaa5c558b8bd4b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39a980f341f52fff036bb7865b3a163bac7d654e23f7bbb5401165bfbded0afe
473b7a2bb50a6df274a93a42e8afda72dede8deb663cf10af95ac42cea9ecc94
4878cb334cc8ea13b543798fbb58ef109b495d63ed37a8e67efbdf12f27c32c5
4971afab5521aac5653d2bac889f8b72ce6560ccba5c5503fa851a418258b8a2
49b93c833617a437b5b14a4e3ac687b49b6920d126dfd7be76bacf546fe63d78
500dcc50b529cbade12716fb987052275972f50eb0c867b853981bb813ba1626
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5e3ddcc179937dc1994bdcbe2ed8b5c60a7c0c39df08bae1e0440fbcf7969953
6582c3caac40d04f76daa8f688f1854ae418b8abd33fc1ae11cf21c462c2da5d
66ef757f6502b509e5d89a8993dcb426c618062c519ced951d14fdf9b7aed0c9
6b41dd3fbabf55898402e5566e7b90c3609786c87af71567dc0bfb7677c0b6e2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f7f1b97ed7e6ef1045043cee9d3b64c41dfd86350ab1cc5e9c27184ea8989e1
72fc8aebf9c6ef6a84992c11cca5ac85d9b3e024f8c2360e273038dca0287259
7a3c1f9abbf033ab060a440549c76c5bb876addcbbbd765ceb39311a404735f8
7bc51f1facfe610bb41a546cee177338158cc042f8caaf6e7a707759adbb9855
7c14c977f620e76fc6f8774a1328e44039f517233cffdc6a5cc213a976d3658d
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
80264ceebbd04197ad35c00d7d842e2cfbf05b467fd2e11ee598d36d7c97cb51
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
865fa1b2ec84b399ae0d57dd85f137ac6400ce6c0c05a94568f38b4637723ea9
86a3dc746816ccd37dc27c59d97f9b1cd6499095f2717556814f513e3984a939
92e48936531fc7dd51fa4799d53b25be293b2a198bee7b434d269bb2518d709f
9a03e29e2a4cb498c8c6df4e0b5c43e87d5a49360c6d3fba219a8ccb7988d2f0
a37b0df6f9759273db66b8a97a78ad39ac0a3bdfadc82eab0686f83b605490e3
a460670b57c248f0bd31003b0a6b712a02447a639d5221933829ae63a56d51a1
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
a83ce54296bf9bf4d344cc22ee5e81a41dcc87f1741deb0c28c8ba117df68a98
a8612a24353e26fa6e02685efbd664764782a9a4aac26468b6d1503ce2afda6d
ace9d9a5335575e4c90d2652fa3a19fa089a9033af8c8fb1090076d04c563b48
ad173040e86e62fe8e641277c56c583e58839bb59edc31959bce1c7fa586ffc5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4a73e79ac953f25e7800b5ca583552229ce52f3a8c9dad31ee9da427ffa614e
bc0cb5bf77d72ff50c484057114a0b8173c20c5165eaf3c5c91cfd7cc77b5611
c333531565428ab3aa7170652dc2291e2618e1d04270f3a9ec66689b3b6cb9d8
c4c4206ac831d6c006f8b9c4f3bfcc4b014aac3a3bc943a28865dd36cf2bbc42
c6176f7cbfd18bd9139fbd945f0bcf0057cbb7df3e0dce7e09dd25d587387735
c6f24f9cc8b094625be24524a47517b4602bf6021c4bb451c80b360382164b91
d00d1b84250a4886d05eb8146180447a656d25ac69cf41eda4ee0b4993a1d34c
d0c37c9d48d0f19fdeab2083c9ef737dce73b412566a40a69b5d32d6a26122c3
d1d44722c7add9b78f9a2ec526a2147383742af2d3fe52f10bcda709e95370fe
d47f69aec80af97467876c77c610d21ba417eed660f9627b3fdcc37691ce5a13
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2b3dc368d5b2afed44db0f7a9bda8cccdba3f25a7feedd6647051086554505d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed84c52446b4eb6726439c8288d4a38b94c334bb4034db33eccd33a4f582455c
ee6cff8e2478948c40206d1f61e2eabdc2796efe0d51b270cb96dce8037b75c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68
f43d5b8e0497b059085c5d35a7de777ee7c3e537b7cb9c256b67b343c44d44aa
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fa1e64c876a5b446179f60f563ded304b4088a985d85440269191f6bbe818a74
fa788ca6337c9d0da60135e53097add8fdc6febb1ae489c7acc7edeb91d2494b
fb3b47b1c4ee3593233e0c71a8129481a459632e0648c506d5ffd4e19d117156