windowsonminnesota.zambezimarketing.com Open in urlscan Pro
144.202.17.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windowsonminnesota.zambezimarketing.com/
Submission Tags: @phishunt_io
Submission: On September 28 via api (September 28th 2021, 12:45:26 am UTC) from DE — Scanned from DE

Summary HTTP 64 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 8 domains to perform 64 HTTP transactions. The main IP is 144.202.17.128, located in Atlanta, United States and belongs to AS-CHOOPA, US. The main domain is windowsonminnesota.zambezimarketing.com.
TLS certificate: Issued by R3 on September 27th 2021. Valid for: 3 months.

This is the only time windowsonminnesota.zambezimarketing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	144.202.17.128 144.202.17.128	20473 (AS-CHOOPA) (AS-CHOOPA)
2	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1 5	172.67.72.106 172.67.72.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1	13.225.78.52 13.225.78.52	16509 (AMAZON-02) (AMAZON-02)
2	104.26.6.107 104.26.6.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.170.203.103 107.170.203.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	104.26.5.247 104.26.5.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.101.130.38 151.101.130.38	54113 (FASTLY) (FASTLY)
64	10

38 144.202.17.128 (Atlanta, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.17.128.vultr.com

windowsonminnesota.zambezimarketing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.72.106 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

apps.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-52.fra2.r.cloudfront.net

cdn.linearicons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.6.107 (United States)

ASN13335 (CLOUDFLARENET, US)

service-reviews-ultimate.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.170.203.103 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

api.instacloud.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.26.5.247 (United States)

ASN13335 (CLOUDFLARENET, US)

proxy.elfsightcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.130.38 (United States)

ASN54113 (FASTLY, US)

media-cdn.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	zambezimarketing.com windowsonminnesota.zambezimarketing.com	4 MB
7	tripadvisor.com media-cdn.tripadvisor.com	4 MB
7	elfsight.com 1 redirects apps.elfsight.com static.elfsight.com service-reviews-ultimate.elfsight.com	464 KB
6	elfsightcdn.com proxy.elfsightcdn.com	128 KB
3	gstatic.com fonts.gstatic.com	58 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	instacloud.io api.instacloud.io	20 KB
1	linearicons.com cdn.linearicons.com	22 KB
64	8

	Domain	Requested by
38	windowsonminnesota.zambezimarketing.com	windowsonminnesota.zambezimarketing.com
7	media-cdn.tripadvisor.com
6	proxy.elfsightcdn.com
3	fonts.gstatic.com	fonts.googleapis.com
3	static.elfsight.com	windowsonminnesota.zambezimarketing.com apps.elfsight.com
2	service-reviews-ultimate.elfsight.com	static.elfsight.com
2	apps.elfsight.com	1 redirects apps.elfsight.com
2	fonts.googleapis.com	windowsonminnesota.zambezimarketing.com
1	api.instacloud.io	static.elfsight.com
1	cdn.linearicons.com	windowsonminnesota.zambezimarketing.com
64	10

This site contains links to these domains. Also see Links.

Domain
www.hilton.com
player.vimeo.com
www.tripadvisor.com
www.instagram.com
www.facebook.com
twitter.com
www.google.com
goo.gl

Subject Issuer	Validity	Valid
windowsonminnesota.zambezimarketing.com R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn.linearicons.com Amazon	`2021-02-20` - `2022-03-21`	a year	crt.sh
api.instacloud.io R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-25` - `2022-03-24`	a year	crt.sh
media.tacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://windowsonminnesota.zambezimarketing.com/
Frame ID: 41F27C61173BD266F27C6D95A0A02775
Requests: 60 HTTP requests in this frame

Frame: https://windowsonminnesota.zambezimarketing.com/form-builder/signup/
Frame ID: 92351838B07107851D2086AE1EAAB3DA
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Marquette Hotel, Curio Collection by Hilton™

Detected technologies

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

64
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

10
IPs

1
Countries

8203 kB
Transfer

10998 kB
Size

2
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hilton.com/en/book/reservation/rooms/?ctyhocn=MSPCUQQ
Title: Book Now

Search URL Search Domain Scan URL

URL: https://player.vimeo.com/video/516566018
Title: Video

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/ShowUserReviews-g43323-d90402-r811202559-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html
Title: afirkus126 days ago

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/ShowUserReviews-g43323-d90402-r807379488-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html
Title: Companion324739August 30

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/ShowUserReviews-g43323-d90402-r803229865-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html
Title: Dennis WAugust 11

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/ShowUserReviews-g43323-d90402-r798888298-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html
Title: stanleydabellJuly 21

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/ShowUserReviews-g43323-d90402-r798762884-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html
Title: CkilburnJuly 20

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/ShowUserReviews-g43323-d90402-r794786775-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html
Title: MamaPapaVJune 29

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/ShowUserReviews-g43323-d90402-r794302161-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html
Title: kalebherron13June 26

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/ShowUserReviews-g43323-d90402-r792850986-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html
Title: 561RobertS561June 16

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CLHiat4ntMH/
Title: 18 Mornings call for coffee. Mornings call for coffee.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CK41g9OB2iK/
Title: 35 1 Snowy with a chance of sunshine. ❄️ Snowy with a chance of sunshine. ❄️

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CK4zR4JBM1w/
Title: 11 Your Valentine's Day staycation awaits. Link in bio. Your Valentine's Day staycation awaits. Link in bio.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CKjTwZalsw6/
Title: 16 2 We think you need a room with a view. Book our Deluxe Guest Room to see the city in all its glory. 📸 : @hollymarievanselow We think you need a room with a view. Book our Deluxe Guest Room to see the city in all its glory. 📸 : @hollymarievanselow

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CJ7gLEbl9Yf/
Title: 40 1 Designed with comfort and convenience in mind, the accommodations at the Marquette Hotel are innovative spaces to relax, work, and play during your winter stay in downtown Minneapolis. Book your staycation. Link in bio. Designed with comfort and convenience in mind, the accommodations at the Marquette Hotel are innovative spaces to relax, work, and play during your winter stay in downtown Minneapolis. Book your staycation. Link in bio.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CIyZDNnlVF1/
Title: 32 Say “I Do” with a View . . . Windows on Minnesota is the perfect, breathtaking location to surprise your love with a proposal. Windows will provide you and your loved one with: an unforgettable proposal setting, bottle of champagne and a free night stay at The Marquette Hotel. Say “I Do” with a View . . . Windows on Minnesota is the perfect, breathtaking location to surprise your love with a proposal. Windows will provide you and your loved one with: an unforgettable proposal setting, bottle of champagne and a free night stay at The Marquette Hotel.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MarquetteHotel/

Search URL Search Domain Scan URL

URL: https://twitter.com/MarquetteHotel

Search URL Search Domain Scan URL

URL: https://www.instagram.com/themarquettehotel/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/The+Marquette+Hotel,+Curio+Collection+by+Hilton/@44.976259,-93.271479,15z/data=!4m2!3m1!1s0x0:0xe44a8abd738df181?sa=X&ved=2ahUKEwjD3a-ioOvyAhUlM30KHclbBJUQ_BIwHXoECF0QBQ

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/KbUxnXAwqjqFRw4g6
Title: 710 S Marquette Ave,Minneapolis, MN 55402

Search URL Search Domain Scan URL

URL: https://www.google.com/search?q=the+marquette+hotel&oq=the+m&aqs=chrome.0.69i59j69i57j69i59l2j46i175i199i512j69i60l3.1064j0j4&sourceid=chrome&ie=UTF-8
Title: 612-333-4545

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://apps.elfsight.com/p/platform.js HTTP 301
https://static.elfsight.com/platform/platform.js

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
windowsonminnesota.zambezimarketing.com/ 40 KB
8 KB 600ms
132ms Document
text/html 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

62661c1784a3187c77ceadc6043b985f89f3b31dff1805976a37e90d236aaf03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: windowsonminnesota.zambezimarketing.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx-rc
date: Tue, 28 Sep 2021 00:45:18 GMT
content-type: text/html; charset=UTF-8
content-length: 8170
x-frame-options: SAMEORIGIN SAMEORIGIN
last-modified: Thu, 23 Sep 2021 20:16:20 GMT
accept-ranges: bytes
cache-control: max-age=3600
expires: Tue, 28 Sep 2021 01:45:18 GMT
vary: Accept-Encoding
content-encoding: gzip
x-xss-protection: 1; mode=block 1; mode=block
x-content-type-options: nosniff

GET
H2 200 pwpc-169bd51c7d08a9465b43cb6c5c970a1a3b71c1bd.css
windowsonminnesota.zambezimarketing.com/site/assets/pwpc/ 352 KB
41 KB 164ms
163ms Stylesheet
text/css 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-169bd51c7d08a9465b43cb6c5c970a1a3b71c1bd.css

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

bdf3696cef5380e5471430218238003648616cbee7aadca93fc619af363cac8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/pwpc/pwpc-169bd51c7d08a9465b43cb6c5c970a1a3b71c1bd.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 25 Sep 2021 16:01:20 GMT
server: nginx-rc
etag: W/"614f47d0-581b2"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:18 GMT

GET
H2 200 pwpc-efbb84ef655dfec75392e2fd8b1c7fac68ed560e.js Show response
windowsonminnesota.zambezimarketing.com/site/assets/pwpc/ 84 KB
29 KB 164ms
164ms Script
application/javascript 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-efbb84ef655dfec75392e2fd8b1c7fac68ed560e.js

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/pwpc/pwpc-efbb84ef655dfec75392e2fd8b1c7fac68ed560e.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 26 Sep 2021 08:34:34 GMT
server: nginx-rc
etag: W/"6150309a-14e4a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:18 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 38ms
15ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Hepta+Slab&family=Montserrat&display=swap

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

dc5fea0f66ba515ed09996716ca6a4fdc1b562726177f3e3e885004c9abe38ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 00:45:18 GMT
server: ESF
date: Tue, 28 Sep 2021 00:45:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Sep 2021 00:45:18 GMT

GET
H2 200 homepage-logo.png
windowsonminnesota.zambezimarketing.com/site/assets/files/1/ 14 KB
13 KB 113ms
112ms Image
image/png 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/1/homepage-logo.png

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

bccf10c1ca5b37bbe9d6560ef7cfa805a2fd4368425923e4907781b616418bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/1/homepage-logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-3870"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 themarquettehotel.png
windowsonminnesota.zambezimarketing.com/site/assets/files/1/ 12 KB
12 KB 113ms
112ms Image
image/png 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/1/themarquettehotel.png

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

ccfd3e2282ffb5bd2c26a92de43fdb82030700099ac8d6671e019524ab89aa21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/1/themarquettehotel.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-30a7"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 logo-ta-1.png
windowsonminnesota.zambezimarketing.com/site/assets/files/1/ 4 KB
4 KB 113ms
112ms Image
image/png 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/1/logo-ta-1.png

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

cdd973427e52b332d1a7f796dd17a3efc7423ccc2e9701409cfc992784bebdb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/1/logo-ta-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-f19"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2

200

platform.js Show response
static.elfsight.com/platform/
Redirect Chain

https://apps.elfsight.com/p/platform.js
https://static.elfsight.com/platform/platform.js

46 KB
16 KB

47ms
21ms

Script
application/javascript

172.67.72.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae8d437de31b178387a7b0726b9a281592e13d7507054bdc74d9b0c09280be0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4557
cf-polished: origSize=47599
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: tx000000000000023f52ed4-006151d539-1558d748-sfo2a
x-hw: 1632753516.dop218.fr8.t,1632753516.cds231.fr8.shn,1632753516.dop218.fr8.t,1632753516.cds010.fr8.c
last-modified: Thu, 02 Sep 2021 07:44:14 GMT
server: cloudflare
cache-control: max-age=3600
etag: W/"ef2f67e3a1e4c04993ec0ccb36cc7989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojT%2Fa9cT1kEc4iO4VHllhBD61EYG1SM8q%2FzAx4kBlwVznwkUG7kw8BfYjoSJbakWUm00%2FK%2F6E%2BJ1hVN%2BPA30Oibl4Zd10LNga%2FVTzUZ9Cw8wQHYd%2BpzZxsf447cJDtwZl8VTz4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-rgw-object-type: Normal
cf-ray: 6958f2c3dcec2794-PRG
cf-bgj: minify

Redirect headers

date: Tue, 28 Sep 2021 00:45:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt8LET%2BQLpE225gbEhN0KHZQH1EXgWGs0FZjZLvqZX8KLBqnzOsQZF62vpPwQrJoYQIPA%2FizIgFhrlLgkgdRU7maFVbr90vnSLly6kGmR8O4es509Ld%2F7x4vwqAaYLwi1Ehc"}],"group":"cf-nel","max_age":604800}
location: https://static.elfsight.com/platform/platform.js
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 6958f2c38c712794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 28 Sep 2021 01:45:19 GMT

GET
H2 200 themarquettehotel.75x0-is.png
windowsonminnesota.zambezimarketing.com/site/assets/files/1/ 4 KB
4 KB 113ms
112ms Image
image/png 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/1/themarquettehotel.75x0-is.png

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

6beba83505b101f8ca4b7131f807f52a8e96bb7c08764d21f5501ef409f0d7af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/1/themarquettehotel.75x0-is.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 08 Sep 2021 19:58:39 GMT
server: nginx-rc
etag: W/"613915ef-eef"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 uikit.js Show response
windowsonminnesota.zambezimarketing.com/site/templates/uikit/js/ 340 KB
63 KB 119ms
119ms Script
application/javascript 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/site/templates/uikit/js/uikit.js

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

8ecff0222bff471f4bf1d925a162a03c9b9a02dc3e7ee476ae49431821726040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/templates/uikit/js/uikit.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 22:21:10 GMT
server: nginx-rc
etag: W/"6137e5d6-550c7"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 uikit-icons.js Show response
windowsonminnesota.zambezimarketing.com/site/templates/uikit/js/ 69 KB
18 KB 109ms
109ms Script
application/javascript 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/site/templates/uikit/js/uikit-icons.js

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

b465d78eb4c8b4173df5e37704c40432f290539414258b8e4e13abe9053d146e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/templates/uikit/js/uikit-icons.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 22:21:10 GMT
server: nginx-rc
etag: W/"6137e5d6-114a8"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 pwpc-8fd7b06b5bcb90e3547f64741afe77b4803e1afe.js Show response
windowsonminnesota.zambezimarketing.com/site/assets/pwpc/ 212 KB
53 KB 113ms
111ms Script
application/javascript 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-8fd7b06b5bcb90e3547f64741afe77b4803e1afe.js

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

a161a79e303dd4b064ee7fd13ed66e64032859fe2c382c7376435ba0d1991314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/pwpc/pwpc-8fd7b06b5bcb90e3547f64741afe77b4803e1afe.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 26 Sep 2021 08:34:34 GMT
server: nginx-rc
etag: W/"6150309a-34fed"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 lnr-icons.css
windowsonminnesota.zambezimarketing.com/site/templates/css/ 9 KB
2 KB 113ms
112ms Stylesheet
text/css 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/site/templates/css/lnr-icons.css

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

52aace43c4f3dfc35c14c158e84c2889ee4bb4f4e3278e739c29895e5aefe02b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/templates/css/lnr-icons.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:36:05 GMT
server: nginx-rc
etag: W/"6137bf25-227c"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bb97d744a650c449a4620ba5aaeb55fd21828b4dbd2fc1c430e07a7bf2f1b1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 bg-substrate2.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/1/ 1 MB
1 MB 133ms
133ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/1/bg-substrate2.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

449b271509392ce8564b0efcbe897cc28d3e688aa6f780673faf451a0ffd1cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/1/bg-substrate2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-120c34"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 bg.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9280/ 198 KB
197 KB 132ms
132ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9280/bg.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

dded283501c4aea0a6d4172787ee4f508efad587500c971fe3c03f070f9a52f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9280/bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-31721"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 29ms
7ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hepta+Slab&family=Montserrat&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsonminnesota.zambezimarketing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:18:36 GMT
x-content-type-options: nosniff
age: 473203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 13:18:36 GMT

GET
H2 200 ea8JadoyU_jkHdalebHvyWVNdYoIsHe5HvkV5wfcaZE.woff2
fonts.gstatic.com/s/heptaslab/v9/ 19 KB
19 KB 34ms
12ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/heptaslab/v9/ea8JadoyU_jkHdalebHvyWVNdYoIsHe5HvkV5wfcaZE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hepta+Slab&family=Montserrat&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

353ab6713189d676a6a875585046481d379b4a5de561efe2bb5a7e147a19dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsonminnesota.zambezimarketing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 17:55:30 GMT
x-content-type-options: nosniff
age: 110989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19108
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:28:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 17:55:30 GMT

GET
H2 200 minneapolis_downtown_luxury_hotel.780x510.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9166/ 66 KB
66 KB 323ms
321ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9166/minneapolis_downtown_luxury_hotel.780x510.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

3d355d438fcf22ef5e1e6d68954d40ee22f5f3fc30ebdf9b4e84c2099f547002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9166/minneapolis_downtown_luxury_hotel.780x510.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 21:36:31 GMT
server: nginx-rc
etag: W/"6137db5f-1064f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 minneapolis_downtown_luxury_hotel-1.350x200.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9166/ 16 KB
16 KB 323ms
320ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9166/minneapolis_downtown_luxury_hotel-1.350x200.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

14d960a442cd3410732425a92dfde7980061a6216e7ed36af24db42f365c0ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9166/minneapolis_downtown_luxury_hotel-1.350x200.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:16 GMT
server: nginx-rc
etag: W/"6137bf6c-3f65"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 luxury_hotel_minneapolis_downtown_area.350x200.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9166/ 18 KB
18 KB 323ms
320ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9166/luxury_hotel_minneapolis_downtown_area.350x200.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

d09fa65b7cdbc34184dff539eafca641ba160f6d4cac8eebeb6618fb1d00b770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9166/luxury_hotel_minneapolis_downtown_area.350x200.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:16 GMT
server: nginx-rc
etag: W/"6137bf6c-4613"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 bets_bar_minneapolis_downtown.350x200.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9166/ 14 KB
14 KB 323ms
320ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9166/bets_bar_minneapolis_downtown.350x200.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

70e95920fdd3ae9ee6e828f57ffd32f5f03fba351152ea683926d9044db34437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9166/bets_bar_minneapolis_downtown.350x200.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:16 GMT
server: nginx-rc
etag: W/"6137bf6c-38bf"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 minneapolis_rooftop_event_venue_with_views.350x200.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9166/ 20 KB
21 KB 323ms
321ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9166/minneapolis_rooftop_event_venue_with_views.350x200.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

f1682ef17426689374b6f174192090c161f58981a604ae9f74cb39aee51efb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9166/minneapolis_rooftop_event_venue_with_views.350x200.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:16 GMT
server: nginx-rc
etag: W/"6137bf6c-51da"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 best_lounge_minneapolis_downtown.400x280.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9284/ 22 KB
22 KB 323ms
321ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9284/best_lounge_minneapolis_downtown.400x280.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

537c49a217602681eefe327f526a7395718e162f3c112140a8ef6918abb4074e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9284/best_lounge_minneapolis_downtown.400x280.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-5897"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 curio_marquette_joliette_house2_82175.400x280.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9285/ 29 KB
30 KB 323ms
321ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9285/curio_marquette_joliette_house2_82175.400x280.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

a110f350de1c6de036ff3b2d603b60c4065f0830030471ad32fab84edb932167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9285/curio_marquette_joliette_house2_82175.400x280.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:16 GMT
server: nginx-rc
etag: W/"6137bf6c-75e8"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 josh-hild-l-a2wryaytu-unsplash.400x280.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9286/ 35 KB
36 KB 324ms
321ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9286/josh-hild-l-a2wryaytu-unsplash.400x280.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

3d23bf9b9187b2f3163e7ab6154ddf301abd30805a3320060c6cdd156eff8d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9286/josh-hild-l-a2wryaytu-unsplash.400x280.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:16 GMT
server: nginx-rc
etag: W/"6137bf6c-8d60"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 starshollowsquare-hi-res.420x320.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9279/ 26 KB
26 KB 323ms
321ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9279/starshollowsquare-hi-res.420x320.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

d35f42ec3d7c700bfb640f12b0882128f1032c40ad668d9a319ce75aef6d72ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9279/starshollowsquare-hi-res.420x320.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-692d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 corporate_event_venue_minneapolis_downtown.420x320.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9279/ 29 KB
29 KB 323ms
322ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9279/corporate_event_venue_minneapolis_downtown.420x320.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

df4732b5ecafbebbc868e9e69422b3798b695a6b9c3897ed783e24e3122e3f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9279/corporate_event_venue_minneapolis_downtown.420x320.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-724a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 corporate_event_space_minneapolis_mn.420x320.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9279/ 29 KB
29 KB 323ms
322ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9279/corporate_event_space_minneapolis_mn.420x320.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

6c12b74fba4b60628830b4054504eee7611d16dd6d5de0450e5890f0ed973fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9279/corporate_event_space_minneapolis_mn.420x320.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-75a2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 event_venue_downtown_minneapolis_mn.420x320.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9279/ 23 KB
23 KB 323ms
322ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9279/event_venue_downtown_minneapolis_mn.420x320.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

5a9e52072eb5cc035c22228cf751008b04535a4793938c738a028fe0528fdae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9279/event_venue_downtown_minneapolis_mn.420x320.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-5a83"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 event_venue_minneapolis_downtown.420x320.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9279/ 32 KB
32 KB 324ms
323ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9279/event_venue_minneapolis_downtown.420x320.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

94c1d1dca7c41d5f8ec0954465088596be5e55776a107462da463f73572c540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9279/event_venue_minneapolis_downtown.420x320.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-807d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 galaxywedding-hi-res-1.240x720.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9279/ 29 KB
29 KB 324ms
323ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9279/galaxywedding-hi-res-1.240x720.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

cc052eab6490b37dd5a08e9728521e60d80f3874c5e8931ee08de4b5a5f41d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9279/galaxywedding-hi-res-1.240x720.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-75ab"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 / Show response
windowsonminnesota.zambezimarketing.com/form-builder/signup/ Frame 9235 6 KB
2 KB 593ms
593ms Document
text/html 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/form-builder/signup/

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc / ProcessWire CMS

Resource Hash

5ec01d1cb3565cbab08c0d2138438e81eb4b0ba650ca0adb47ceeab471754833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: windowsonminnesota.zambezimarketing.com
:scheme: https
:path: /form-builder/signup/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://windowsonminnesota.zambezimarketing.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/

Response headers

server: nginx-rc
date: Tue, 28 Sep 2021 00:45:19 GMT
content-type: text/html; charset=utf-8
content-length: 1898
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: ProcessWire CMS
set-cookie: wires=a23asuld9k8lk214ic11lst2i3; path=/; secure; HttpOnly; SameSite=Lax
x-frame-options: SAMEORIGIN SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
x-xss-protection: 1; mode=block 1; mode=block
x-content-type-options: nosniff

GET
H2 200 bg.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/1/ 198 KB
197 KB 316ms
316ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/1/bg.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

dded283501c4aea0a6d4172787ee4f508efad587500c971fe3c03f070f9a52f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/1/bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-31721"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 hotel-restaurant.woff
windowsonminnesota.zambezimarketing.com/site/templates/css/fonts/ 52 KB
53 KB 316ms
316ms Font
font/woff 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/site/templates/css/fonts/hotel-restaurant.woff

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-169bd51c7d08a9465b43cb6c5c970a1a3b71c1bd.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

45613d06246012287e23c72d2274dd2d93894fe3b3a45d293225f73b551f648a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/templates/css/fonts/hotel-restaurant.woff
pragma: no-cache
origin: https://windowsonminnesota.zambezimarketing.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-169bd51c7d08a9465b43cb6c5c970a1a3b71c1bd.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-169bd51c7d08a9465b43cb6c5c970a1a3b71c1bd.css
Origin: https://windowsonminnesota.zambezimarketing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:36:05 GMT
server: nginx-rc
etag: W/"6137bf25-d1fc"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 wedding_venue_downtown_minneapolis_rooftop_event_venue_with_views.1200x1000.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9280/ 246 KB
246 KB 226ms
225ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9280/wedding_venue_downtown_minneapolis_rooftop_event_venue_with_views.1200x1000.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

c1baef220c4cda0849943385bb0db8ea6d17b65349667caf84371c8e8eeb6719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9280/wedding_venue_downtown_minneapolis_rooftop_event_venue_with_views.1200x1000.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-3d72c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 downtown-luxury-minneapolis-hotels.2048x1365-srcset.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9294/ 429 KB
430 KB 271ms
271ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9294/downtown-luxury-minneapolis-hotels.2048x1365-srcset.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

2e63e79d431540d715f8a83bfdafce28ff774ac9e2eeaf67aceda2991f106622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9294/downtown-luxury-minneapolis-hotels.2048x1365-srcset.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:16 GMT
server: nginx-rc
etag: W/"6137bf6c-6b525"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 line-1.png
windowsonminnesota.zambezimarketing.com/site/assets/files/1/ 11 KB
12 KB 271ms
271ms Image
image/png 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/1/line-1.png

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

0371d63563ca58daec03d1b921f9ca72775f56b512eda3a5482336bb6f9f8d8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/1/line-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 09 Sep 2021 16:12:07 GMT
server: nginx-rc
etag: W/"613a3257-2dcd"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 Linearicons-Free.woff2
cdn.linearicons.com/free/1.0.0/ 21 KB
22 KB 66ms
7ms Font
application/font-woff2 13.225.78.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linearicons.com/free/1.0.0/Linearicons-Free.woff2
Requested by: Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/site/templates/css/lnr-icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-52.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33

Request headers

Referer: https://windowsonminnesota.zambezimarketing.com/
Origin: https://windowsonminnesota.zambezimarketing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 21:36:56 GMT
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jun 2015 09:10:36 GMT
server: AmazonS3
age: 14785704
etag: "03e91f122aa5fd425abbe23c85546eb0"
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31000000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 21780
x-amz-cf-id: MIpmK8Vb0qDrarSKqtDCLLmSgdvoFYCKfjawLfCfo0jJ_ONgF1riMQ==

GET
H2 200 modulobox.svg
windowsonminnesota.zambezimarketing.com/site/templates/css/ 20 KB
4 KB 263ms
263ms Image
image/svg+xml 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/templates/css/modulobox.svg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-169bd51c7d08a9465b43cb6c5c970a1a3b71c1bd.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

9e824ff3182981535d9c1c6faa2ffc489070ba6ef37c18a2eba87e64aa79a19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/templates/css/modulobox.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-169bd51c7d08a9465b43cb6c5c970a1a3b71c1bd.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-169bd51c7d08a9465b43cb6c5c970a1a3b71c1bd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:36:05 GMT
server: nginx-rc
etag: W/"6137bf25-5036"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 / Show response
apps.elfsight.com/p/boot/ 6 KB
3 KB 576ms
575ms XHR
application/json 172.67.72.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.elfsight.com/p/boot/?w=35b868c1-fb1f-46da-bce9-21437d7c89b0%2Cf6588aa3-d6bb-4ede-ab3f-fb553eb150d1

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe47894225ee5e5e0c06b8025c82bfb336f4fefa665c0f4f9b35585767caf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r94SP9CqAFzK45Q4XA6zYV683v1VZJ%2FjMwkhdzU9%2FxGXxbBEuf4UzdXsHVm2sk9Tbxy4%2BCgeeQQAVKVtmqYmJO7NVzSMQOGiQ8GPmOetpOqqoa9gMkL6dcMgem5Rz%2BdXB6gb"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://windowsonminnesota.zambezimarketing.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-apo-via: origin,host
cf-ray: 6958f2c50d472794-PRG
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H3 200 css2
fonts.googleapis.com/ Frame 9235 3 KB
610 B 30ms
16ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Hepta+Slab&family=Montserrat&display=swap

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/form-builder/signup/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

dc5fea0f66ba515ed09996716ca6a4fdc1b562726177f3e3e885004c9abe38ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 00:45:19 GMT
server: ESF
date: Tue, 28 Sep 2021 00:45:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Sep 2021 00:45:19 GMT

GET
H2 200 pwpc-558600cb7e7c8e82587392dc21c2cdede9f2b980.css
windowsonminnesota.zambezimarketing.com/site/assets/pwpc/ Frame 9235 268 KB
28 KB 110ms
109ms Stylesheet
text/css 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-558600cb7e7c8e82587392dc21c2cdede9f2b980.css

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/form-builder/signup/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

0be5046a28a7cfba17877224ae05b9c554a25749f7e35e6fc5a836c2cca16838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/pwpc/pwpc-558600cb7e7c8e82587392dc21c2cdede9f2b980.css
pragma: no-cache
cookie: wires=a23asuld9k8lk214ic11lst2i3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/form-builder/signup/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/form-builder/signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 27 Sep 2021 16:32:56 GMT
server: nginx-rc
etag: W/"6151f238-42eb9"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H2 200 pwpc-50b50d843319e894fb1b390dfb308add470a15ba.js Show response
windowsonminnesota.zambezimarketing.com/site/assets/pwpc/ Frame 9235 380 KB
107 KB 110ms
110ms Script
application/javascript 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/pwpc/pwpc-50b50d843319e894fb1b390dfb308add470a15ba.js

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/form-builder/signup/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

84079cae58cb36831a0eb44ee9a2352b62b536e9bbc09d09b7ef37aa13fc624c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/pwpc/pwpc-50b50d843319e894fb1b390dfb308add470a15ba.js
pragma: no-cache
cookie: wires=a23asuld9k8lk214ic11lst2i3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/form-builder/signup/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/form-builder/signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:19 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 27 Sep 2021 16:21:24 GMT
server: nginx-rc
etag: W/"6151ef84-5f0ec"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:19 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 9235 19 KB
19 KB 22ms
7ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hepta+Slab&family=Montserrat&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsonminnesota.zambezimarketing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:18:36 GMT
x-content-type-options: nosniff
age: 473204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 13:18:36 GMT

GET
H3 200 tripadvisorReviews.js Show response
static.elfsight.com/apps/tripadvisor-reviews/release/8b357439-b7c8-41e0-82fb-7037c2c693ea/app/ 1 MB
355 KB 60ms
59ms Script
application/javascript 172.67.72.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/tripadvisor-reviews/release/8b357439-b7c8-41e0-82fb-7037c2c693ea/app/tripadvisorReviews.js

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81654fd46ca71a70c83215f3cd5870cc977013987b5d319f649662cc661050b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:20 GMT
content-encoding: br
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36211
cf-polished: origSize=1264391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: tx00000000000002400dd53-006151d78b-1558cb1d-sfo2a
x-hw: 1632753709.dop243.fr8.t,1632753709.cds052.fr8.shn,1632753709.dop243.fr8.t,1632753709.cds252.fr8.c
last-modified: Mon, 02 Aug 2021 13:37:48 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"4701cdc1f73100c2d25c08a8a77ddfca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTymoa4%2FNB9kadgvr8%2FZS1Z3kslEgk%2BhN%2BTkz5LINrU2QwW373T6MQOfPgPJh2nlxS47bfluVGYo8I50mkHpXZXRDsLq1V0bSB%2Fc8RgBg8VbRflk1nelfxoUpxpclB3ujY0H4vM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-rgw-object-type: Normal
cf-ray: 6958f2c8acda4125-PRG
cf-bgj: minify

GET
H3 200 instagram-feed.js Show response
static.elfsight.com/apps/instashow/release/62d00317-d034-4b32-afc1-a5242b92a897/app/ 374 KB
83 KB 28ms
28ms Script
application/javascript 172.67.72.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/instashow/release/62d00317-d034-4b32-afc1-a5242b92a897/app/instagram-feed.js

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c25749af05fe500e792cf5595379bf1b95c43cfab5e45b718ebf2bfcef1d2a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:20 GMT
content-encoding: br
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36403
cf-polished: origSize=382751
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: tx000000000000024000aa6-006151d74e-1558cb1d-sfo2a
x-hw: 1632753517.dop003.fr8.t,1632753517.cds138.fr8.shn,1632753517.dop003.fr8.t,1632753517.cds150.fr8.c
last-modified: Fri, 24 Sep 2021 06:24:11 GMT
server: cloudflare
cache-control: max-age=31536000
etag: W/"085fe095148d04afbf33fcdf43438cc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnbapVona%2BWXbpZRDzLMozKeWJqToP2%2FNuXmw87sO6QnVIZCS0hoAprAWK77PoN5oZ6JWSc0IUFXCOPAy2lUJskcV3ZNCUwcn1CNlavLWrapDIhTYyOjWS2lq0ch5y26p6bvpuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-rgw-object-type: Normal
cf-ray: 6958f2c8acdb4125-PRG
cf-bgj: minify

GET
H2 200 sources Show response
service-reviews-ultimate.elfsight.com/data/ 309 B
972 B 591ms
532ms Fetch
application/json 104.26.6.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service-reviews-ultimate.elfsight.com/data/sources?&uris[]=https%3A%2F%2Fwww.tripadvisor.com%2FHotel_Review-g43323-d90402-Reviews-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html&with_text_only=1&min_rating=4&order=date&page_length=19

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/tripadvisor-reviews/release/8b357439-b7c8-41e0-82fb-7037c2c693ea/app/tripadvisorReviews.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.107 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48039d8d4c58ae162f91201db94a1b0f617b419d4b9d3d87ae83b32e4c3273f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXxVTqlQi8uIlxEV5r9EqcoXD1Fjl7lCJtaptg0iuXUe0xs94LQwtBTAyRSfgsyS6iA4MJLLQ9EhemwxzcOUvd%2BaICb9xlzaCvq%2BRQf8fL1OltaBlZrEVjrV%2BFr1D4RaCR7J3msl%2B38m%2BZdDZio1oBIUpwjYaEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://windowsonminnesota.zambezimarketing.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: no-cache, private
cf-apo-via: origin,host
cf-ray: 6958f2ca5f474126-PRG

GET
H/1.1 200
OK / Show response
api.instacloud.io/ 142 KB
20 KB 748ms
403ms Fetch
application/json 107.170.203.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api.instacloud.io/?count=50&path=%2Fv1%2Fusers%2Fthemarquettehotel%2Fmedia%2Frecent%2F&test_analyze=count_requests

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/instashow/release/62d00317-d034-4b32-afc1-a5242b92a897/app/instagram-feed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

107.170.203.103 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.15.5 /

Resource Hash

e766c669556f55d1288fdd826b3df619432d129dc5c7934899ad0ddc750c1626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 00:45:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Server: nginx/1.15.5
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-TT: 1
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Instacloud-Host

GET
H3 200 reviews Show response
service-reviews-ultimate.elfsight.com/data/ 15 KB
5 KB 553ms
532ms Fetch
application/json 104.26.6.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://service-reviews-ultimate.elfsight.com/data/reviews?uris%5B0%5D=https%3A%2F%2Fwww.tripadvisor.com%2FHotel_Review-g43323-d90402-Reviews-The_Marquette_Hotel_Curio_Collection_by_Hilton-Minneapolis_Minnesota.html&with_text_only=1&min_rating=4&order=date&page_length=19

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/tripadvisor-reviews/release/8b357439-b7c8-41e0-82fb-7037c2c693ea/app/tripadvisorReviews.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.107 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ce921c4192405f0a0d3b2c45953204073270988c5d80f423f9ecedceb7b000

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhF204%2FJnEwj4WCDtFzWu6t7d24ufI0bgkYc57dgLjbC4%2B9QalPhrkowRIFr34GeVMZT%2FBfgpO%2BZuAsZllXFPJ7mzIG6j4MEU2Zgw3gKXkHUhQSm74%2BCiS4BmHz8AtniEtb7%2F53X0JjAQwa3Bu%2BKRLeWYvxrvrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://windowsonminnesota.zambezimarketing.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: no-cache, private
cf-apo-via: origin,host
cf-ray: 6958f2cde87727b4-PRG

GET
H2 200 /
proxy.elfsightcdn.com/ 15 KB
15 KB 222ms
166ms Image
image/jpeg 104.26.5.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proxy.elfsightcdn.com/?url=https%3A%2F%2Fscontent-dub4-1.cdninstagram.com%2Fv%2Ft51.2885-15%2Fe35%2Fc239.0.961.961a%2Fs320x320%2F148248173_236043311504613_2673998137518855880_n.jpg%3F_nc_ht%3Dscontent-dub4-1.cdninstagram.com%26_nc_cat%3D109%26_nc_ohc%3D-wfgs8Oj-08AX_ZRZB9%26edm%3DAPU89FABAAAA%26ccb%3D7-4%26oh%3D268e331d7eb96733effaa61f2550f7ef%26oe%3D6159CABD%26_nc_sid%3D86f79a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7dc18992809677ae6228fe866f8ec9c8c8ca538c18f1db04611b34a479639a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 1025125176
date: Tue, 28 Sep 2021 00:45:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 15235
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Wed, 10 Feb 2021 16:04:22 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ci%2BoeDYF1lFdHz%2BlJ%2F0KErDLLRhSysWGxT4JQ7JCz3%2B7TXwqRnrF59JFBJCGvO8lZbFFyltql5DoLFG4dmJy3ZRlY3b4BhGuYDhKG74diYmym8kcuiLW6pCk4brK8sAk15IpwMBI1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1496030070
accept-ranges: bytes
cf-ray: 6958f2cfdec6f9d2-PRG

GET
H2 200 /
proxy.elfsightcdn.com/ 29 KB
29 KB 219ms
163ms Image
image/jpeg 104.26.5.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proxy.elfsightcdn.com/?url=https%3A%2F%2Fscontent-dub4-1.cdninstagram.com%2Fv%2Ft51.2885-15%2Fe35%2Fc0.89.863.863a%2Fs320x320%2F145617776_3537252343063437_8077651266917526414_n.jpg%3F_nc_ht%3Dscontent-dub4-1.cdninstagram.com%26_nc_cat%3D109%26_nc_ohc%3DGZek5h2v1foAX8KKaJ2%26edm%3DAPU89FABAAAA%26ccb%3D7-4%26oh%3Deaa353d0c670c2ee210569ac99b170a9%26oe%3D6158AEF2%26_nc_sid%3D86f79a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e79878b572fec0565b3af2c6a7c8f1c5ea0bf0005b4ed89c74f68774b92157

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 2198021314
date: Tue, 28 Sep 2021 00:45:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 29750
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Thu, 04 Feb 2021 23:04:25 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKQOxXTpD2zr5iSwtJ6jkHWjoFVJOmOMYzWVn3QD2Kmwe2%2FTSRvMCedRD6hIYDxxUAHWGyHvydk%2FwvZ2WZhpKHSC7U6t93EG1TbtvfK6ntpAhNVIvGnjRxmh92Bo%2F%2BYcWeMgkSJNHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform
x-needle-checksum: 4088844385
accept-ranges: bytes
cf-ray: 6958f2cfdec7f9d2-PRG

GET
H2 200 /
proxy.elfsightcdn.com/ 14 KB
15 KB 207ms
151ms Image
image/jpeg 104.26.5.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proxy.elfsightcdn.com/?url=https%3A%2F%2Fscontent-dub4-1.cdninstagram.com%2Fv%2Ft51.2885-15%2Fe35%2Fc0.180.1440.1440a%2Fs320x320%2F146197857_1368983136788245_5193362897389947257_n.jpg%3F_nc_ht%3Dscontent-dub4-1.cdninstagram.com%26_nc_cat%3D101%26_nc_ohc%3DSrXpudNXBgcAX8qtW4r%26edm%3DAPU89FABAAAA%26ccb%3D7-4%26oh%3D9ee1da1a50c19a6b6c0357d7e90a293e%26oe%3D61594956%26_nc_sid%3D86f79a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e376cb610f2e0898cd0b69d21155a8d3cfe9b977ec3cda53046aa1fcb74692

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 1504823964
date: Tue, 28 Sep 2021 00:45:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 14772
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Thu, 04 Feb 2021 22:44:39 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiGbvX6DqL0IhSrHqeJ4nxuiVbptqDL%2FqwdINAqRvhT2%2FokNq%2BY5FYnf3FLwh6fp%2BQaUnDCDDUkDSY5NxsNL3dAgya%2B5gpH7RfYcZQY9cWx5dvBJ2ZMW%2Fw78c5WhoNCBhxPZas%2BIfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform
x-needle-checksum: 72210773
accept-ranges: bytes
cf-ray: 6958f2cfdec8f9d2-PRG

GET
H2 200 /
proxy.elfsightcdn.com/ 17 KB
18 KB 221ms
167ms Image
image/jpeg 104.26.5.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proxy.elfsightcdn.com/?url=https%3A%2F%2Fscontent-dub4-1.cdninstagram.com%2Fv%2Ft51.2885-15%2Fe35%2Fc240.0.960.960a%2Fs320x320%2F142917139_3900711449980597_9180374479074308232_n.jpg%3F_nc_ht%3Dscontent-dub4-1.cdninstagram.com%26_nc_cat%3D101%26_nc_ohc%3DDYJuborW41IAX8HuuF3%26edm%3DAPU89FABAAAA%26ccb%3D7-4%26oh%3Df19b088d8cdd4dd23fbdc8a31fccf722%26oe%3D6159CFC2%26_nc_sid%3D86f79a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b8a6b68cb93abc427b39a1105d35b5e7e02813291a3d6689619a8eb8b0d9ba2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 3473450280
date: Tue, 28 Sep 2021 00:45:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 17796
timing-allow-origin: *
x-fb-trip-id: 2042748335
last-modified: Wed, 27 Jan 2021 14:25:14 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCQE3by0c9tpCk845kHKas24yeE5GbQARCCq0hU5%2FgW2opozdk3zGCJL4rl%2BgKaYRzmpwjqky%2BMvW2VwVopwOuy%2Bz7V1%2F%2FRQn8j0O2aQyDhvq3sF50rZd4h%2FCcOvUsLfCGrUa9YtEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2899895986
accept-ranges: bytes
cf-ray: 6958f2cfdecaf9d2-PRG

GET
H2 200 /
proxy.elfsightcdn.com/ 22 KB
22 KB 207ms
153ms Image
image/jpeg 104.26.5.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proxy.elfsightcdn.com/?url=https%3A%2F%2Fscontent-dub4-1.cdninstagram.com%2Fv%2Ft51.2885-15%2Fe35%2Fc0.179.1440.1440a%2Fs320x320%2F137533120_738504943717939_7138348898698115531_n.jpg%3F_nc_ht%3Dscontent-dub4-1.cdninstagram.com%26_nc_cat%3D107%26_nc_ohc%3DKEVOhh2lDZ4AX8cq2uU%26edm%3DAPU89FABAAAA%26ccb%3D7-4%26oh%3D17c8b809a38364e882a38200c162a9b4%26oe%3D615896CA%26_nc_sid%3D86f79a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64681704c9ce47bc93e1245892cb8d062d795f99c6151190c19bbd53302551d2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 216471172
date: Tue, 28 Sep 2021 00:45:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 22525
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Tue, 12 Jan 2021 03:24:10 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kgfj0CjcqRbdK0yRAf6RjSpelj4%2FcT%2BeyQzraQneDsCn%2BNBZ7QJy1pu%2BjUDCu%2FCorpqAPsCaREfiIoe1vJ2msbqaUl0BQnKyhgiecfY2q4zxiYdDjarUSilxWIPyTELdjbM2CDbVeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1151327957
accept-ranges: bytes
cf-ray: 6958f2cfdecbf9d2-PRG

GET
H2 200 /
proxy.elfsightcdn.com/ 28 KB
28 KB 221ms
167ms Image
image/jpeg 104.26.5.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proxy.elfsightcdn.com/?url=https%3A%2F%2Fscontent-dub4-1.cdninstagram.com%2Fv%2Ft51.2885-15%2Fe35%2Fc0.170.1398.1398a%2Fs320x320%2F131049155_531867044439173_571485130142417095_n.jpg%3F_nc_ht%3Dscontent-dub4-1.cdninstagram.com%26_nc_cat%3D105%26_nc_ohc%3DMfNBgIA5pswAX9cwN5y%26edm%3DAPU89FABAAAA%26ccb%3D7-4%26oh%3Dbada6021cac29f3e8a363660e34adca7%26oe%3D6157F4CC%26_nc_sid%3D86f79a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0657f87b4f5eae5da1875000f409bf829a4ca9c9c3e722d1aec220131f64e678

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 1820980505
date: Tue, 28 Sep 2021 00:45:21 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 28450
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Mon, 14 Dec 2020 17:57:15 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFW52TVZgErJb6xKt5JTQB7UHQOk12ZmyAq0GBTN4BHK7Ux8TN7PH9yS32cV99ktzlDLa6qSEtGDujJq2TIZNauH4GSFaomIevGnK0nXJr%2FBgCK43k34HQy385pkU4W1yr0fUpf%2BDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1237945180
accept-ranges: bytes
cf-ray: 6958f2cfdeccf9d2-PRG

GET
H2 200 default-avatar-2020-15.jpg
media-cdn.tripadvisor.com/media/photo-o/1a/f6/f0/48/ 270 KB
271 KB 97ms
6ms Image
image/jpeg 151.101.130.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-o/1a/f6/f0/48/default-avatar-2020-15.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1cab26dea7fcd277740cc8eb2b5c86dfa19ce260b05f5aa71108ce87b7284741

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:21 GMT
via: 1.1 varnish, 1.1 varnish
etag: "7ad2693587cb4da839c9a41bde3aa7e2"
x-media-cdn: 223313206
age: 2216085
x-cache: HIT, HIT
content-length: 276901
x-served-by: cache-bwi5176-BWI, cache-hhn4054-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 21 Feb 2020 21:21:50 GMT
x-timer: S1632789922.614005,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 default-avatar-2020-57.jpg
media-cdn.tripadvisor.com/media/photo-o/1a/f6/e7/99/ 261 KB
261 KB 110ms
20ms Image
image/jpeg 151.101.130.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-o/1a/f6/e7/99/default-avatar-2020-57.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f57cc4030f30006425103ae00668c4178671742dcf8f78c1faa33d529368e6fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:21 GMT
via: 1.1 varnish, 1.1 varnish
etag: "5c745b829c80093b07c26db237615acd"
x-media-cdn: 210975717
age: 2219920
x-cache: HIT, HIT
content-length: 266905
x-served-by: cache-bwi5176-BWI, cache-hhn4054-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 21 Feb 2020 21:02:40 GMT
x-timer: S1632789922.614074,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 thecolonel1215.jpg
media-cdn.tripadvisor.com/media/photo-o/04/1b/02/c6/ 2 MB
2 MB 231ms
141ms Image
image/jpeg 151.101.130.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-o/04/1b/02/c6/thecolonel1215.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fcb9cfe4db1bac0d0ba68b55df06941f197b02fe9ab3383a9ecb172091cfece2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:21 GMT
via: 1.1 varnish, 1.1 varnish
etag: "f75a352567a8cee478ed5091e967b78a"
x-media-cdn: 402365330
age: 636366
x-cache: HIT, MISS
content-length: 2325337
x-served-by: cache-bwi5138-BWI, cache-hhn4054-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Wed, 22 Jan 2014 07:16:31 GMT
x-timer: S1632789922.614125,VS0,VE135
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 0

GET
H2 200 default-avatar-2020-17.jpg
media-cdn.tripadvisor.com/media/photo-o/1a/f6/f0/d5/ 165 KB
165 KB 108ms
19ms Image
image/jpeg 151.101.130.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-o/1a/f6/f0/d5/default-avatar-2020-17.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ec7bf847e307305f0c6b9fb70b8dbc922a1c611ddece07c658c1724c3cd40f42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:21 GMT
via: 1.1 varnish, 1.1 varnish
etag: "c066007398fe3a66599379ca47a912a7"
x-media-cdn: 207485203
age: 1618203
x-cache: HIT, HIT
content-length: 168461
x-served-by: cache-bwi5183-BWI, cache-hhn4054-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 21 Feb 2020 21:23:08 GMT
x-timer: S1632789922.614154,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 default-avatar-2020-68.jpg
media-cdn.tripadvisor.com/media/photo-o/1a/f6/ea/74/ 174 KB
174 KB 102ms
14ms Image
image/jpeg 151.101.130.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-o/1a/f6/ea/74/default-avatar-2020-68.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1f38e5ad51fe48ca3e5d330d4ef938a16995b7193fdb0f0dbcbec0b2a74b9ef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:21 GMT
via: 1.1 varnish, 1.1 varnish
etag: "f27a5764aa875e1f663c4e3a9e973796"
x-media-cdn: 214492761
age: 1012519
x-cache: HIT, HIT
content-length: 177717
x-served-by: cache-bwi5161-BWI, cache-hhn4054-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 21 Feb 2020 21:08:28 GMT
x-timer: S1632789922.614196,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 default-avatar-2020-69.jpg
media-cdn.tripadvisor.com/media/photo-o/1a/f6/ea/b2/ 200 KB
200 KB 107ms
19ms Image
image/jpeg 151.101.130.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-o/1a/f6/ea/b2/default-avatar-2020-69.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a90708b75691f7b23e89344a21f7ae2c81a1c0c32cc2adbfa78e48030bd61f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:21 GMT
via: 1.1 varnish, 1.1 varnish
etag: "8f384c79ae0d3166b0b54a79f74bfefd"
x-media-cdn: 324045741
age: 2223525
x-cache: HIT, HIT
content-length: 204501
x-served-by: cache-bwi5148-BWI, cache-hhn4054-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 21 Feb 2020 21:08:52 GMT
x-timer: S1632789922.614233,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 561roberts561.jpg
media-cdn.tripadvisor.com/media/photo-o/1c/82/66/4b/ 396 KB
397 KB 13ms
13ms Image
image/jpeg 151.101.130.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/photo-o/1c/82/66/4b/561roberts561.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ef285b0950b3f17b37c7af96ad946e73b94b997ff15aea9da250c56dfbbb7f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:21 GMT
via: 1.1 varnish, 1.1 varnish
etag: "ee8af1d85bf89fc677c838d3919dc32a"
x-media-cdn: 78843729
age: 885247
x-cache: HIT, HIT
content-length: 405871
x-served-by: cache-bwi5147-BWI, cache-hhn4054-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Sat, 09 Jan 2021 21:55:53 GMT
x-timer: S1632789922.637440,VS0,VE2
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 minneapolis_downtown_luxury_hotel.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9163/ 372 KB
355 KB 109ms
109ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9163/minneapolis_downtown_luxury_hotel.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

d21396b493710e2154c7d22ef9b2aa8f3d368719f0d7f948f8ec9ae9becb4423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9163/minneapolis_downtown_luxury_hotel.jpg
pragma: no-cache
cookie: wires=a23asuld9k8lk214ic11lst2i3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-5ce6f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:24 GMT

GET
H2 200 minneapolis_downtown_luxury_hotel.jpg
windowsonminnesota.zambezimarketing.com/site/assets/files/9163/ 372 KB
355 KB 109ms
109ms Image
image/jpeg 144.202.17.128
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windowsonminnesota.zambezimarketing.com/site/assets/files/9163/minneapolis_downtown_luxury_hotel.jpg

Requested by

Host: windowsonminnesota.zambezimarketing.com
URL: https://windowsonminnesota.zambezimarketing.com/site/templates/uikit/js/uikit.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.202.17.128 Atlanta, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

144.202.17.128.vultr.com

Software

nginx-rc /

Resource Hash

d21396b493710e2154c7d22ef9b2aa8f3d368719f0d7f948f8ec9ae9becb4423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /site/assets/files/9163/minneapolis_downtown_luxury_hotel.jpg
pragma: no-cache
cookie: wires=a23asuld9k8lk214ic11lst2i3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: windowsonminnesota.zambezimarketing.com
referer: https://windowsonminnesota.zambezimarketing.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsonminnesota.zambezimarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 00:45:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 19:37:15 GMT
server: nginx-rc
etag: W/"6137bf6b-5ce6f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000 public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 28 Oct 2021 00:45:24 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			windowsonminnesota.zambezimarketing.com/	1969-12-31 23:59:59	Name: wires Value: a23asuld9k8lk214ic11lst2i3
			.apps.elfsight.com/	1970-01-19 21:33:09	Name: _p_hfp_client_id Value: 587581721

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.instacloud.io
apps.elfsight.com
cdn.linearicons.com
fonts.googleapis.com
fonts.gstatic.com
media-cdn.tripadvisor.com
proxy.elfsightcdn.com
service-reviews-ultimate.elfsight.com
static.elfsight.com
windowsonminnesota.zambezimarketing.com
104.26.5.247
104.26.6.107
107.170.203.103
13.225.78.52
142.250.186.138
144.202.17.128
151.101.130.38
172.217.23.99
172.67.72.106
0371d63563ca58daec03d1b921f9ca72775f56b512eda3a5482336bb6f9f8d8c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0657f87b4f5eae5da1875000f409bf829a4ca9c9c3e722d1aec220131f64e678
0be5046a28a7cfba17877224ae05b9c554a25749f7e35e6fc5a836c2cca16838
14d960a442cd3410732425a92dfde7980061a6216e7ed36af24db42f365c0ed9
1cab26dea7fcd277740cc8eb2b5c86dfa19ce260b05f5aa71108ce87b7284741
1f38e5ad51fe48ca3e5d330d4ef938a16995b7193fdb0f0dbcbec0b2a74b9ef4
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
2a90708b75691f7b23e89344a21f7ae2c81a1c0c32cc2adbfa78e48030bd61f6
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2e63e79d431540d715f8a83bfdafce28ff774ac9e2eeaf67aceda2991f106622
353ab6713189d676a6a875585046481d379b4a5de561efe2bb5a7e147a19dcb0
3b8a6b68cb93abc427b39a1105d35b5e7e02813291a3d6689619a8eb8b0d9ba2
3d23bf9b9187b2f3163e7ab6154ddf301abd30805a3320060c6cdd156eff8d6e
3d355d438fcf22ef5e1e6d68954d40ee22f5f3fc30ebdf9b4e84c2099f547002
449b271509392ce8564b0efcbe897cc28d3e688aa6f780673faf451a0ffd1cb1
45613d06246012287e23c72d2274dd2d93894fe3b3a45d293225f73b551f648a
48039d8d4c58ae162f91201db94a1b0f617b419d4b9d3d87ae83b32e4c3273f7
52aace43c4f3dfc35c14c158e84c2889ee4bb4f4e3278e739c29895e5aefe02b
537c49a217602681eefe327f526a7395718e162f3c112140a8ef6918abb4074e
5a9e52072eb5cc035c22228cf751008b04535a4793938c738a028fe0528fdae9
5ec01d1cb3565cbab08c0d2138438e81eb4b0ba650ca0adb47ceeab471754833
62661c1784a3187c77ceadc6043b985f89f3b31dff1805976a37e90d236aaf03
64681704c9ce47bc93e1245892cb8d062d795f99c6151190c19bbd53302551d2
6bb97d744a650c449a4620ba5aaeb55fd21828b4dbd2fc1c430e07a7bf2f1b1c
6beba83505b101f8ca4b7131f807f52a8e96bb7c08764d21f5501ef409f0d7af
6c12b74fba4b60628830b4054504eee7611d16dd6d5de0450e5890f0ed973fd7
70e95920fdd3ae9ee6e828f57ffd32f5f03fba351152ea683926d9044db34437
79ce921c4192405f0a0d3b2c45953204073270988c5d80f423f9ecedceb7b000
7fe47894225ee5e5e0c06b8025c82bfb336f4fefa665c0f4f9b35585767caf7b
81654fd46ca71a70c83215f3cd5870cc977013987b5d319f649662cc661050b9
84079cae58cb36831a0eb44ee9a2352b62b536e9bbc09d09b7ef37aa13fc624c
8ecff0222bff471f4bf1d925a162a03c9b9a02dc3e7ee476ae49431821726040
94c1d1dca7c41d5f8ec0954465088596be5e55776a107462da463f73572c540c
9e824ff3182981535d9c1c6faa2ffc489070ba6ef37c18a2eba87e64aa79a19d
9ef285b0950b3f17b37c7af96ad946e73b94b997ff15aea9da250c56dfbbb7f7
a110f350de1c6de036ff3b2d603b60c4065f0830030471ad32fab84edb932167
a161a79e303dd4b064ee7fd13ed66e64032859fe2c382c7376435ba0d1991314
a7e376cb610f2e0898cd0b69d21155a8d3cfe9b977ec3cda53046aa1fcb74692
ae8d437de31b178387a7b0726b9a281592e13d7507054bdc74d9b0c09280be0e
b1e79878b572fec0565b3af2c6a7c8f1c5ea0bf0005b4ed89c74f68774b92157
b465d78eb4c8b4173df5e37704c40432f290539414258b8e4e13abe9053d146e
bccf10c1ca5b37bbe9d6560ef7cfa805a2fd4368425923e4907781b616418bda
bdf3696cef5380e5471430218238003648616cbee7aadca93fc619af363cac8c
c1baef220c4cda0849943385bb0db8ea6d17b65349667caf84371c8e8eeb6719
c25749af05fe500e792cf5595379bf1b95c43cfab5e45b718ebf2bfcef1d2a42
cc052eab6490b37dd5a08e9728521e60d80f3874c5e8931ee08de4b5a5f41d3e
ccfd3e2282ffb5bd2c26a92de43fdb82030700099ac8d6671e019524ab89aa21
cdd973427e52b332d1a7f796dd17a3efc7423ccc2e9701409cfc992784bebdb4
d09fa65b7cdbc34184dff539eafca641ba160f6d4cac8eebeb6618fb1d00b770
d21396b493710e2154c7d22ef9b2aa8f3d368719f0d7f948f8ec9ae9becb4423
d35f42ec3d7c700bfb640f12b0882128f1032c40ad668d9a319ce75aef6d72ab
dc5fea0f66ba515ed09996716ca6a4fdc1b562726177f3e3e885004c9abe38ef
dded283501c4aea0a6d4172787ee4f508efad587500c971fe3c03f070f9a52f0
df4732b5ecafbebbc868e9e69422b3798b695a6b9c3897ed783e24e3122e3f3a
e766c669556f55d1288fdd826b3df619432d129dc5c7934899ad0ddc750c1626
ec7bf847e307305f0c6b9fb70b8dbc922a1c611ddece07c658c1724c3cd40f42
f1682ef17426689374b6f174192090c161f58981a604ae9f74cb39aee51efb80
f57cc4030f30006425103ae00668c4178671742dcf8f78c1faa33d529368e6fc
fcb9cfe4db1bac0d0ba68b55df06941f197b02fe9ab3383a9ecb172091cfece2
ff7dc18992809677ae6228fe866f8ec9c8c8ca538c18f1db04611b34a479639a

windowsonminnesota.zambezimarketing.com Open in urlscan Pro 144.202.17.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

0 %IPv6

8 Domains

10 Subdomains

10 IPs

1 Countries

8203 kBTransfer

10998 kBSize

2 Cookies

22 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

windowsonminnesota.zambezimarketing.com Open in urlscan Pro
144.202.17.128 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

10
IPs

1
Countries

8203 kB
Transfer

10998 kB
Size

2
Cookies

64 HTTP transactions
1 data transactions