banyanhill.com Open in urlscan Pro
2600:9000:2156:6800:13:4c2:d400:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://events-c.mb.banyanhill.com/z/2bj47e9f0?uid=fa875640-2100-4dda-b6a5-51ce26c9a245&mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&ut...
Effective URL:
https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c...
Submission: On June 23 via api (June 23rd 2022, 2:54:54 pm UTC) from CH — Scanned from DE

Summary HTTP 269 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 70 IPs in 7 countries across 51 domains to perform 269 HTTP transactions. The main IP is 2600:9000:2156:6800:13:4c2:d400:93a1, located in United States and belongs to AMAZON-02, US. The main domain is banyanhill.com. The Cisco Umbrella rank of the primary domain is 105581.
TLS certificate: Issued by Amazon on March 10th 2022. Valid for: a year.

This is the only time banyanhill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6810:d03f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
65	2600:9000:215... 2600:9000:2156:6800:13:4c2:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.201.125.192 35.201.125.192	15169 (GOOGLE) (GOOGLE)
3	52.217.169.184 52.217.169.184	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.5.192 35.190.5.192	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
15	2600:9000:215... 2600:9000:2156:e600:7:abf4:f200:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.89.99 143.204.89.99	16509 (AMAZON-02) (AMAZON-02)
6	2a02:6ea0:c70... 2a02:6ea0:c700::20	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.243.52.94 54.243.52.94	14618 (AMAZON-AES) (AMAZON-AES)
1	34.111.78.58 34.111.78.58	15169 (GOOGLE) (GOOGLE)
1	143.204.89.75 143.204.89.75	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	44.228.83.169 44.228.83.169	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	54.161.143.126 54.161.143.126	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.89.72 143.204.89.72	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.96 143.204.89.96	16509 (AMAZON-02) (AMAZON-02)
1	52.48.114.92 52.48.114.92	16509 (AMAZON-02) (AMAZON-02)
1	35.209.5.166 35.209.5.166	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4014:80f::200e	15169 (GOOGLE) (GOOGLE)
1 36	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.22.221.234 52.22.221.234	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.229.86 23.35.229.86	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:829::2013	15169 (GOOGLE) (GOOGLE)
3	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3 14	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2620:1ec:27::... 2620:1ec:27::cafe:2133	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	52.36.112.43 52.36.112.43	16509 (AMAZON-02) (AMAZON-02)
3	104.45.184.134 104.45.184.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.251.15.4 3.251.15.4	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.35.228.247 23.35.228.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:2156:2a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	54.93.141.89 54.93.141.89	16509 (AMAZON-02) (AMAZON-02)
1	52.30.1.181 52.30.1.181	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.193.215.198 18.193.215.198	16509 (AMAZON-02) (AMAZON-02)
1 2	52.48.92.112 52.48.92.112	16509 (AMAZON-02) (AMAZON-02)
2 2	54.84.45.101 54.84.45.101	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:dc9:5139:b20d:8eb0	14618 (AMAZON-AES) (AMAZON-AES)
1	18.235.141.125 18.235.141.125	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4232:40ff:2de3:a398:119a	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
269	70

1 2606:4700::6810:d03f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

events-c.mb.banyanhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2600:9000:2156:6800:13:4c2:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

banyanhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.125.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.125.201.35.bc.googleusercontent.com

marvel-b2-cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.169.184 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.5.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.5.190.35.bc.googleusercontent.com

cdn.b0e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2156:e600:7:abf4:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.banyanhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-99.fra50.r.cloudfront.net

static.adzerk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.52.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-52-94.compute-1.amazonaws.com

e-10203.adzerk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.78.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.78.111.34.bc.googleusercontent.com

a1.b0e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-75.fra50.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.228.83.169 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-83-169.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.143.126 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-143-126.compute-1.amazonaws.com

carl.pubsvs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-72.fra50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-96.fra50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.114.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-114-92.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.209.5.166 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 166.5.209.35.bc.googleusercontent.com

myalphaspace1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4014:80f::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.22.221.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-221-234.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

itm.itstracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.140 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:27::cafe:2133 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.36.112.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-112-43.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.45.184.134 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.251.15.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-15-4.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.11 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.15 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.141.89 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-141-89.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.1.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-1-181.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.215.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-215-198.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.92.112 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-92-112.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.45.101 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-45-101.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:dc9:5139:b20d:8eb0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.141.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-141-125.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:40ff:2de3:a398:119a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	banyanhill.com 1 redirects events-c.mb.banyanhill.com — Cisco Umbrella Rank: 292042 banyanhill.com — Cisco Umbrella Rank: 105581 cdn.banyanhill.com	815 KB
36	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	28 KB
15	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	18 KB
14	google.de www.google.de — Cisco Umbrella Rank: 5448	1 KB
14	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 8	1 KB
12	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4153 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727 sslwidget.criteo.com — Cisco Umbrella Rank: 1530 widget.us.criteo.com — Cisco Umbrella Rank: 16628 dis.criteo.com — Cisco Umbrella Rank: 717	66 KB
10	userway.org cdn.userway.org — Cisco Umbrella Rank: 6009 api.userway.org — Cisco Umbrella Rank: 5848	193 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 c.clarity.ms — Cisco Umbrella Rank: 1113 a.clarity.ms — Cisco Umbrella Rank: 5372	29 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	366 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1888 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3560 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3482 tracking.crazyegg.com — Cisco Umbrella Rank: 3393	33 KB
6	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 408 ib.adnxs.com — Cisco Umbrella Rank: 244	6 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	523 B
4	yahoo.com 1 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 745 ads.yahoo.com — Cisco Umbrella Rank: 1058 ups.analytics.yahoo.com — Cisco Umbrella Rank: 299	1 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 1975 tr.outbrain.com — Cisco Umbrella Rank: 1779 sync.outbrain.com — Cisco Umbrella Rank: 694	5 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3441	7 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	40 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3211 onesignal.com — Cisco Umbrella Rank: 1162	82 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	276 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 ajax.googleapis.com — Cisco Umbrella Rank: 307	33 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 543 i6.liadm.com — Cisco Umbrella Rank: 1491	1 KB
3	itstracking.com itm.itstracking.com — Cisco Umbrella Rank: 597064	8 KB
3	getblueshift.com cdn.getblueshift.com — Cisco Umbrella Rank: 13346 api.getblueshift.com — Cisco Umbrella Rank: 9878	3 KB
3	amazonaws.com s3.amazonaws.com	38 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 681 cdn.stickyadstv.com — Cisco Umbrella Rank: 2277	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 642	852 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1528	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	142 B
2	adzerk.net static.adzerk.net — Cisco Umbrella Rank: 53127 e-10203.adzerk.net	9 KB
2	gstatic.com fonts.gstatic.com	91 KB
2	b0e8.com cdn.b0e8.com — Cisco Umbrella Rank: 9895 a1.b0e8.com — Cisco Umbrella Rank: 10203	22 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	12 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 909	418 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2264	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1285	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	35 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1188	99 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1626	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2006	337 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 659	242 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 529	787 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 410	141 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 611	226 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 336	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1515	428 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2143	232 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	myalphaspace1.com myalphaspace1.com
1	pubsvs.com carl.pubsvs.com — Cisco Umbrella Rank: 885081	3 KB
1	bc0a.com marvel-b2-cdn.bc0a.com — Cisco Umbrella Rank: 18288	4 KB
269	51

	Domain	Requested by
65	banyanhill.com	banyanhill.com
35	bat.bing.com	www.googletagmanager.com bat.bing.com itm.itstracking.com
15	cdn.banyanhill.com	banyanhill.com
14	www.google.de
14	www.google.com	3 redirects
12	googleads.g.doubleclick.net	3 redirects www.googleadservices.com
8	www.googletagmanager.com	banyanhill.com itm.itstracking.com www.googletagmanager.com
6	www.facebook.com	banyanhill.com
6	cdn.userway.org	banyanhill.com cdn.userway.org
4	secure.adnxs.com	3 redirects
4	dis.criteo.com
4	www.clarity.ms	bat.bing.com www.clarity.ms
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	tags.srv.stackadapt.com	banyanhill.com tags.srv.stackadapt.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	api.userway.org	cdn.userway.org
4	connect.facebook.net	banyanhill.com connect.facebook.net
4	script.crazyegg.com	banyanhill.com script.crazyegg.com
3	a.clarity.ms	www.clarity.ms
3	itm.itstracking.com	www.googletagmanager.com itm.itstracking.com
3	fonts.googleapis.com	banyanhill.com
3	s3.amazonaws.com	banyanhill.com
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	idsync.rlcdn.com
2	api.getblueshift.com	cdn.getblueshift.com
2	c.clarity.ms	1 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	tr.outbrain.com	amplify.outbrain.com
2	onesignal.com	cdn.onesignal.com
2	cdn.onesignal.com	banyanhill.com cdn.onesignal.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdnjs.cloudflare.com	banyanhill.com
1	d.turn.com	1 redirects
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	eb2.3lift.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	ads.yahoo.com
1	sp.analytics.yahoo.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	c.bing.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	dynamic.criteo.com	itm.itstracking.com
1	amplify.outbrain.com	banyanhill.com
1	myalphaspace1.com	banyanhill.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	carl.pubsvs.com	banyanhill.com
1	ajax.googleapis.com	banyanhill.com
1	cdn.getblueshift.com	banyanhill.com
1	a1.b0e8.com	banyanhill.com
1	e-10203.adzerk.net	static.adzerk.net
1	static.adzerk.net	banyanhill.com
1	cdn.b0e8.com	banyanhill.com
1	marvel-b2-cdn.bc0a.com	banyanhill.com
1	events-c.mb.banyanhill.com	1 redirects
269	79

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
recruiting.ultipro.com
privacyportal-cdn.onetrust.com
www.linkedin.com

Subject Issuer	Validity	Valid
banyanhill.com Amazon	`2022-03-10` - `2023-04-08`	a year	crt.sh
cdn.bc0a.com GTS CA 1D4	`2022-05-10` - `2022-08-08`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
cdn.b0e8.com GTS CA 1D4	`2022-05-14` - `2022-08-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-01` - `2022-06-30`	3 months	crt.sh
cdn.banyanhill.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.adzerk.net Amazon	`2022-04-20` - `2023-05-18`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
b0e8.com GTS CA 1D4	`2022-05-15` - `2022-08-13`	3 months	crt.sh
*.getblueshift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
api.userway.org Amazon	`2021-11-02` - `2022-11-30`	a year	crt.sh
carl.ocp.14west.io R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
myalphaspace1.com R3	`2022-05-11` - `2022-08-09`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
itm.itstracking.com GTS CA 1D4	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-18` - `2022-08-03`	2 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Frame ID: 4EE336DC58D254B41106C7940D2868B5
Requests: 228 HTTP requests in this frame

Frame: https://banyanhill.com/wp-content/signup/?buttontext=Sign%20Me%20Up!&emailtext=Enter%20Email%20Address&xcode=X190XB41&position=sidebar&
Frame ID: 541A53108A6BC548A7B2FE619C9C7436
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 43384DD884681CF8D66227A2FCB4E1F9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=banyanhill.com&origin=onetag
Frame ID: 449AC2641DD097CFDE7A5B2D6D22DACA
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 82F8912BA4A8E7B0478C169E234BE524
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B86A4843C4257BEBED22709CCF8B04F9
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ&google_gid=CAESEOFEvZ-QCdIQ_Bke1jKmq34&google_cver=1&google_ula=913071,0
Frame ID: 18A73C0FE5D7AE30B61A8D496D54BC49
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Whitelist Banyan Hill - Banyan Hill Publishing

Page URL History Show full URLs

https://events-c.mb.banyanhill.com/z/2bj47e9f0?uid=fa875640-2100-4dda-b6a5-51ce26c9a245&mid=5ca44aa2-2ddb-45e5-... HTTP 307
https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Adzerk (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adzerk\.net/ados\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

269
Requests

93 %
HTTPS

37 %
IPv6

51
Domains

79
Subdomains

70
IPs

7
Countries

2199 kB
Transfer

6794 kB
Size

63
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BanyanHillPublishingFL/

Search URL Search Domain Scan URL

URL: https://twitter.com/BanyanHill

Search URL Search Domain Scan URL

URL: https://www.instagram.com/banyanhillpublishing/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7CWod8KuEXMPxBIBvrTVcA

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/WAD1002WADM/JobBoard/ff5a9a46-ec0b-45c4-a0c3-6b5d2350dbbc/?q=&o=postedDateDesc
Title: Careers

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/90ddaa87-9d70-4282-9d4f-d6cbd96bd224/3c18808a-ad77-4f45-953c-5e4a84d8dcf1.html
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F&t=Whitelist%20Banyan%20Hill

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=Whitelist%20Banyan%20Hill&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F&title=Whitelist%20Banyan%20Hill

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=%url%&text=%prefix%%text%%suffix%
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=2188475931415722&display=popup&quote=%prefix%%text%%suffix%&href=%url%
Title: Share

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://events-c.mb.banyanhill.com/z/2bj47e9f0?uid=fa875640-2100-4dda-b6a5-51ce26c9a245&mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_ek=2022-06-22T19%3A55%3A20Z&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&bsft_mime_type=html&bsft_tv=5&bsft_lx=23 HTTP 307
https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 162

https://gum.criteo.com/sid/json?origin=onetag&domain=banyanhill.com&sn=ChromeSyncframe&so=0&topUrl=banyanhill.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=rJgTTnxiTWpqcVIwbEswRXliNnBudXlDYzBJanRkK09iR0lzOWhtL2xqK2g4NFIycXNkMWJGTVdpeG4wbGlnNzZTUXhaNnRJRTZZU1diQWIwek1mamVYOVV4YzZpOTVJMGR2bHNnbUIxZk85eDMvQTNUUm9maTdIRWxyYnlsaXcvbnY4alVKQ0ZkM2VjVFlpeGtPamNYcVJsOThUbVVjNzN4TE56RytVMi9WT0dUYWJhV1pkUjBqczd2anZIQ2kzRSszbmQyTnhMNGVocllpQ1lKMG5UVWl1WHVBTzRaT0txNlpjS0gvV2FDVkNVUkE1VFJpZ0dIVzZBSFNJclhsVHY2TTROdmZSOTd2VTN1bHBKSVRyazY3WUs2UT09fA&cppv=2

Request Chain 172

https://sslwidget.criteo.com/event?a=%5B73806%2C68943%2C73810%2C87745%2C73809%2C68943%2C73808%5D&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Dbanyan-unknown&p2=e%3Ddis%26a%3D%255B73806%252C68943%252C73810%252C87745%252C73809%252C73808%255D&adce=1&bundle=PE7TlV9kYVRRSyUyQnJBMGIyMHpmSTI4THdkYkM2SXpOTG9FUVZoTCUyQmMlMkY0VzE0bVpBN2RYNHBFeW5haU4xJTJCVFRFN1E4Z2JMWkNRVnFjbzVXTWRSU2FPSjZ3VngwNGZVTkYyOXREZ0k4aEJZMGNCNzN3UW43Z2UlMkY1R2JIbjRrRFNlaCUyQklhY0JvMUJ3SlE0aCUyQktGMzlUMFZTaUFVZyUzRCUzRA&tld=banyanhill.com&dy=1&ful=710&fu=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3&dtycbr=66671 HTTP 302
https://widget.us.criteo.com/event?a=%5B73806%2C68943%2C73810%2C87745%2C73809%2C68943%2C73808%5D&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Dbanyan-unknown&p2=e%3Ddis%26a%3D%255B73806%252C68943%252C73810%252C87745%252C73809%252C73808%255D&adce=1&bundle=PE7TlV9kYVRRSyUyQnJBMGIyMHpmSTI4THdkYkM2SXpOTG9FUVZoTCUyQmMlMkY0VzE0bVpBN2RYNHBFeW5haU4xJTJCVFRFN1E4Z2JMWkNRVnFjbzVXTWRSU2FPSjZ3VngwNGZVTkYyOXREZ0k4aEJZMGNCNzN3UW43Z2UlMkY1R2JIbjRrRFNlaCUyQklhY0JvMUJ3SlE0aCUyQktGMzlUMFZTaUFVZyUzRCUzRA&tld=banyanhill.com&dy=1&ful=710&fu=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%253&dtycbr=66671

Request Chain 185

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=367F6599480447C7BDDAA26B5C1E416F&RedC=c.clarity.ms&MXFR=18D8C124273E609909F8D0E8233E6ECA HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=367F6599480447C7BDDAA26B5C1E416F&MUID=0F68B7EDA0B86C111AAAA621A1D36D00

Request Chain 189

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834194545/?random=1655996089325&cv=9&fst=1655996089325&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/834194545/?random=1655996089325&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=1102327049&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/834194545/?random=1655996089325&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=1102327049&resp=GooglemKTybQhCsO&ipr=y

Request Chain 195

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/452500132/?random=1655996089330&cv=9&fst=1655996089330&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/452500132/?random=1655996089330&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=2032487680&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/452500132/?random=1655996089330&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=2032487680&resp=GooglemKTybQhCsO&ipr=y

Request Chain 197

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10780855742/?random=1655996089331&cv=9&fst=1655996089331&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/10780855742/?random=1655996089331&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=3715358465&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/10780855742/?random=1655996089331&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=3715358465&resp=GooglemKTybQhCsO&ipr=y

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ&google_cm&google_hm=ay13clpKTm5sTWRadlhXb2t1S0JhemxXUGp5NmlndzhMU2JKOWZqUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ&google_gid=CAESEOFEvZ-QCdIQ_Bke1jKmq34&google_cver=1&google_ula=913071,0

Request Chain 222

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=zGFYCulCRANSQRGIfQ6TFPAR7gyssPpZ

Request Chain 227

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RzXGB3lMdZvXWokuKBazlWPjy6i7zj5Ef3TE1w HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RzXGB3lMdZvXWokuKBazlWPjy6i7zj5Ef3TE1w&verify=true

Request Chain 231

https://secure.adnxs.com/setuid?entity=52&code=k-H8vpoXlMdZvXWokuKBazlWPjy6hpdbGJDq8ENg&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-H8vpoXlMdZvXWokuKBazlWPjy6hpdbGJDq8ENg%26seg%3D95287

Request Chain 232

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2377222092752626110

Request Chain 236

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-X8XtH3lMdZvXWokuKBazlWPjy6jL9aXuA-mD4w HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-X8XtH3lMdZvXWokuKBazlWPjy6jL9aXuA-mD4w&C=1

Request Chain 238

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-2tQOhHlMdZvXWokuKBazlWPjy6jGV5OZ1G1Nzw&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-2tQOhHlMdZvXWokuKBazlWPjy6jGV5OZ1G1Nzw&expires=30&user_group=5

Request Chain 244

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Q572inlMdZvXWokuKBazlWPjy6ilF6NRHanfbA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Q572inlMdZvXWokuKBazlWPjy6ilF6NRHanfbA

Request Chain 245

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-72qLm3lMdZvXWokuKBazlWPjy6ihF-kmlWxDfA HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-72qLm3lMdZvXWokuKBazlWPjy6ihF-kmlWxDfA&_li_chk=true&previous_uuid=05bdef027a3145b681056dcba72a6719 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-72qLm3lMdZvXWokuKBazlWPjy6ihF-kmlWxDfA

Request Chain 248

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-6_wh83lMdZvXWokuKBazlWPjy6h7xHbnjXui9Q&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 249

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2377222092752626110

Request Chain 250

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/CRkzHkFJfRnDHEUF9oNi-Xq0O9Xlw2fv/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2748625198695044870

269 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
banyanhill.com/whitelist/
Redirect Chain

https://events-c.mb.banyanhill.com/z/2bj47e9f0?uid=fa875640-2100-4dda-b6a5-51ce26c9a245&mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_ek=2022-06-2...
https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&b...

293 KB
61 KB

1235ms
1175ms

Document
text/html

2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PHP/7.4.30 PleskLin
Resource Hash: e9acdc33e6feb5a5b9f86850c64e7998ed7f7afbf90e49debc61c038ab0ce070

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Jun 2022 14:54:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://banyanhill.com/wp-json/>; rel="https://api.w.org/", <https://banyanhill.com/wp-json/wp/v2/pages/334367>; rel="alternate"; type="application/json", <https://banyanhill.com/?p=334367>; rel=shortlink
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: nz3kbV4B30KFnmiLlOgKpqoUtlIBUaWyvM1n10rGC2vJl5ZofIFpqA==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-cache-status: BYPASS
x-powered-by: PHP/7.4.30 PleskLin

Redirect headers

access-control-allow-headers: Content-Type, X-Api-Key
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 71fe0f886fe89078-FRA
content-type: text/html; charset=utf-8
date: Thu, 23 Jun 2022 14:54:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
pragma: no-cache
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 64eda357-59cf-4928-899b-ca682c75fb52
x-runtime: 0.014418
x-xss-protection: 1; mode=block

GET
H2 200 marvel.js Show response
marvel-b2-cdn.bc0a.com/ 9 KB
4 KB 105ms
30ms Script
application/javascript 35.201.125.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marvel-b2-cdn.bc0a.com/marvel.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.125.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.125.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 965fc05b277596a937ba9d14388799fd5217eb96179f0187b8b937347bdfaf59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:03:55 GMT
content-encoding: gzip
age: 3051
x-guploader-uploadid: ADPycduQ-Pna8I-JUxEvvrssLEdIo_82aNi9C2hWAMb15OUeqa5d_l6RfgklRcAg9SPQWc5w7dZYACyAfSnWyUgTWdGE92mk4g7O
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3217
last-modified: Wed, 01 Sep 2021 18:16:49 GMT
server: UploadServer
etag: "5a385b6f8bc7f4775b2ec7b66c0ec4c2"
vary: Accept-Encoding
x-goog-hash: crc32c=0X9o7A==, md5=Wjhbb4vH9HdbLse2bA7Ewg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1630520209881243
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3217
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 23 Jun 2022 15:03:55 GMT

GET
H/1.1 200
OK bootstrap-grid.min.css
s3.amazonaws.com/cdn.banyanhill.com/wp-content/themes/BanyanHill_3_0/css/ 25 KB
26 KB 429ms
119ms Stylesheet
text/css 52.217.169.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.banyanhill.com/wp-content/themes/BanyanHill_3_0/css/bootstrap-grid.min.css
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf4f226d19d20d9f3e5a9c3d4939a748f95ab117f98578d73c5e878142107643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:47 GMT
Last-Modified: Mon, 16 Mar 2020 19:01:52 GMT
Server: AmazonS3
x-amz-request-id: GC5X7H237GBMHYXB
ETag: "e8a71af462eced751838bb6e6a67db81"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 26019
x-amz-id-2: 2bHON3oTsqmHFDb+NMM2keKQ11iYVaFcVlubn3iRfpnB/v8IgYM75DycBnNBIRmLlPc59Bgf1ws=

GET
H2 200 font-awesome.min.css
banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/css/ 30 KB
7 KB 293ms
286ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/css/font-awesome.min.css?ver=5.6
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b952b7cf4dd78b5a73326ac7eaf18b9e9ffd06cadff2a54fbe5eaba7c8a42d30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 19:41:27 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5c019267-76c3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: UqD5ujAnwRibY79NQlDT-fIdoZMTwOlfUP1-shenGQ2zyr6VfPmXug==

GET
H2 200 ET-Extra.woff
banyanhill.com/wp-content/themes/Extra/fonts/ 14 KB
14 KB 292ms
286ms Font
font/woff 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/Extra/fonts/ET-Extra.woff
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: faf92f241d22c776418da17d96c9f418a932b323bbfd9a472081f6ae19bfe352

Request headers

Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Origin: https://banyanhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 00:50:22 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: "6231344e-385c"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 14428
x-amz-cf-id: X443A37-Tqh_8OrkM_Q4hCaEcG-6U4x1VmdRPhySKD2KZOEZ2FOOWQ==

GET
H2 200 monarch.ttf
banyanhill.com/wp-content/plugins/monarch/css/fonts/ 15 KB
15 KB 302ms
295ms Font
application/octet-stream 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Origin: https://banyanhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Thu, 29 Apr 2021 10:28:44 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: "608a8a5c-3af8"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 15096
x-amz-cf-id: 8uWDBw6ClHysFWdZkUWAU1Wln-5ZbQzwtmIhpxPFZnzRegZW7e26Rw==

GET
H2 404 modules.ttf
banyanhill.com/wp-content/themes/Extra/core/admin/fonts/ 0
0 1515ms
1509ms Font
text/html 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/Extra/core/admin/fonts/modules.ttf
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PHP/7.4.30
Resource Hash

Request headers

Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Origin: https://banyanhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-powered-by: PHP/7.4.30
x-cache: Error from cloudfront
pragma: no-cache
access-control-allow-origin: https://banyanhill.com
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
link: <https://banyanhill.com/wp-json/>; rel="https://api.w.org/"
x-amz-cf-id: 7em0d_vxcdbT_ceXCJNbD5K4SbzfcWc6lLM3NyjlXZuxzr0afidgZQ==
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 2883.js Show response
script.crazyegg.com/pages/scripts/0090/ 5 KB
2 KB 426ms
377ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0090/2883.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab472e13e5fd8a0a0e16fa54f9ee5719a31a4846cbe23b14cc389820086a3ee9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 71fe0f983d15913d-FRA
ce-version: 11.1.450
content-length: 1933
last-modified: Thu, 23 Jun 2022 14:54:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 styles.css
banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/css/ 5 KB
2 KB 110ms
104ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/css/styles.css?ver=1604667205
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0066d11c6a3921da274c40040b4c36c21c688c7d1eaad3d7d8ac202152ff610f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Fri, 06 Nov 2020 12:53:25 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5fa54745-1518"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: osLY9AahylE5taxLvjaztDvIpak97e5ebgnd2KZsRAku1eM4w4Khmw==

GET
H2 200 font-awesome.min.css
banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/css/ 30 KB
7 KB 294ms
288ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/css/font-awesome.min.css?ver=1543606887
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b952b7cf4dd78b5a73326ac7eaf18b9e9ffd06cadff2a54fbe5eaba7c8a42d30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 19:41:27 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5c019267-76c3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 14BfLwqV3E2CM5O8xvWtM5ABs32_llQFJyOUc2r2-ukGY5Mr1g1l_A==

GET
H2 200 agora_live_content_elements_styles.css
banyanhill.com/wp-content/plugins/agora-live-content//assets/ 4 KB
1 KB 112ms
106ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/agora-live-content//assets/agora_live_content_elements_styles.css?ver=1638534428
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c0867466ac1be23f9c1beabcf59c23a323c3a408bdbeafb4d8b2e72f9d00fe09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 12:27:08 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"61aa0d1c-10ca"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: kCvydF2YgDbC0Ul6lDyq3b6Jdw1upFVFCnRNQ5EvAcGymnG9Wj0drQ==

GET
H2 200 bh-extras-shared.css
banyanhill.com/wp-content/plugins/bh_extras/css/ 1023 B
826 B 292ms
286ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/bh_extras/css/bh-extras-shared.css?date=2021-05-07-000&ver=1620389497
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 33940e90ec82d9a5315515fa9a7da1a22ba056cb32437697657ab9028823b4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 12:11:37 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"60952e79-3ff"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: Xy2G5VVq3Lf2xuvOSNAYr3SbpKNVCjSGenIaCnnts1fS2GA8e0DV8Q==

GET
H2 200 style.min.css
banyanhill.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 297ms
291ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/css/dist/block-library/style.min.css?ver=1649190991
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 20:36:31 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"624ca84f-145db"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: jPYtYvPSwhK9zfFkbWEeuAZEOovOZ0fI8mVgjpu7wf2RwtBGF7osYw==

GET
H2 200 has-cts-style.css
banyanhill.com/wp-content/plugins/highlight-and-share/dist/ 8 KB
1 KB 296ms
290ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/highlight-and-share/dist/has-cts-style.css?ver=1629866954
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0d5ebed721a81284859b160b8f57ea9e3a595d194d4738125e578b69c6278e8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 04:49:14 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"6125cbca-1f92"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: ymDPWxKYOQ9NWdLKnQavmxISQz4Qygxi6G6cJAzjPbue8aTUKmaP4w==

GET
H2 200 style.css
banyanhill.com/wp-content/plugins/popular-post-widget/inc/ 132 B
445 B 292ms
287ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/popular-post-widget/inc/style.css?ver=1543840053
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 98c0f7683a7479e876135389dc8d1f9e88b45f26ba37741d532d436ddff24529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Mon, 03 Dec 2018 12:27:33 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5c052135-84"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: B9cHzORrmTLdf5izRLW0DMZAq_RvxVt_sSV6mBXFPzq-PeENpcYXvQ==

GET
H2 200 featherlight.min.css
banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/vendor/css/ 2 KB
1 KB 116ms
111ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/vendor/css/featherlight.min.css?ver=1634862334
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 559efbda0a936bc1b3c215ba9836b70f5e90c312970f7464b759171709d50e82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 00:25:34 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"617204fe-73f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: lKwfX_VoB56OVRR7MryXGDc-j2WNeBmbH_lGFERLSqkBeiA05eq_FA==

GET
H2 200 tfs-css-plugin-sitewide.css
banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/css/ 51 KB
8 KB 298ms
293ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/css/tfs-css-plugin-sitewide.css?ver=1634862324
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7f93e263ad4bc92786a6317255283eff2be7a4e9ed0d812751d1fdd6ecfd8fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 00:25:24 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"617204f4-ca2f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: t52A3CtkKyv6HrprYNe6FWc04QfvW535J4ql_oIA7JZd11ffePgk3A==

GET
H2 200 remodal.css
banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/css/ 3 KB
1 KB 301ms
296ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/css/remodal.css?ver=1649882002
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4ea2d65eb065c494cac66480b3424e8ed83df7ce9f351ce7904f587c86892e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 20:33:22 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"62573392-d98"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: N5kcfi6u5T4nFSQQyLee7OLY7p96Etap0Ndepvm_Bm5Yct3mxceibQ==

GET
H2 200 frontend.css
banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/css/ 16 KB
3 KB 298ms
294ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/css/frontend.css?ver=1649882003
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: eb4e47c6d3e16768233b559d2b81f13103b6554026ce53f5c9bfb62f42e5ba13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 20:33:23 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"62573393-3e39"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: iaanyw2hXNNDQWQONININ45viZKr6c1UvNXttMl7PHuLMNj4mB5g2A==

GET
H2 200 style.css
banyanhill.com/wp-content/plugins/monarch/css/ 113 KB
13 KB 121ms
117ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/monarch/css/style.css?ver=1619692124
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 10:28:44 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"608a8a5c-1c56d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: G6P07Bx4ruuXbcj2CaHEdVF3Hk6wLVSHKxRtikx6c7f0ggS7HctAEQ==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 131ms
44ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&ver=1655996110

Requested by

Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://banyanhill.com/
Origin: https://banyanhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 13:09:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Jun 2022 14:54:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Jun 2022 14:54:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 132ms
45ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C800italic%2C400%2C300%2C600%2C700%2C800&subset=latin%2Clatin-ext&ver=1655996110

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4ed6192a5661e60f1dd77d79b4024b6315008210b15b6162835108e008c8866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://banyanhill.com/
Origin: https://banyanhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 13:49:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Jun 2022 14:54:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Jun 2022 14:54:46 GMT

GET
H2 200 style.min.css
banyanhill.com/wp-content/themes/Extra/ 367 KB
46 KB 389ms
386ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/Extra/style.min.css?ver=1647391823
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c7ae6de54a900606ad8a14cc721384d9038f1f2f0442051969f3fb35b0070911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 00:50:23 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"6231344f-5bbeb"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 10NqywvQChJFTHC9TpRjM40eNcYdX46rZ-PDJ-VMnyBJVvpAUEG9vg==

GET
H2 200 highlight-and-share-emails.css
banyanhill.com/wp-content/plugins/highlight-and-share/css/ 2 KB
1 KB 299ms
295ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/highlight-and-share/css/highlight-and-share-emails.css?ver=1629866954
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ad99539f9551faf9e9393a9ebed9a009b02ac9c21f4573616f12f88a9e95678a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 04:49:14 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"6125cbca-8eb"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: NOTh0avQ26Z_-tVBtSw93bsU-O1H2zhQSlBJkVqObyumdA_8GDXTww==

GET
H2 200 highlight-and-share.css
banyanhill.com/wp-content/plugins/highlight-and-share/css/ 3 KB
1 KB 115ms
112ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/highlight-and-share/css/highlight-and-share.css?ver=1629866954
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 686ff132c0ecb9659a3ac8d2497766122408aae07fe9142d25210c6496dff380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 04:49:14 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"6125cbca-bc2"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: X-Io1z2qaCz3wu6qfb98rwEGP0NP8PWnnrwW3ysZH-ZGR5cA595m0w==

GET
H2 200 modal-styles.css
banyanhill.com/wp-content/themes/BanyanHill_3_0/css/ 6 KB
3 KB 299ms
296ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/BanyanHill_3_0/css/modal-styles.css?ver=1547574038
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ace40f0ad368698620529f2d904ed5b63eb37b0aa24d9d667a4f4e1b8aa20605

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Tue, 15 Jan 2019 17:40:38 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5c3e1b16-174b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: rVCTXjz_RxG_-Y_L38n8sdzbM0AYQpxSTAR5U7H0eMiD3NJoaOnIyw==

GET
H2 200 style.css
banyanhill.com/wp-content/themes/BanyanHill_3_0/ 365 B
555 B 300ms
297ms Stylesheet
text/css 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/BanyanHill_3_0/style.css?ver=1543951242
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 72b8bd5c6108d511b2f00a499a7be928c26dfe9fb01a618b2f26cf5a43167a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Tue, 04 Dec 2018 19:20:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5c06d38a-16d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 4A6-9mkik92uMkgZRdT1xmGjAJ4btmhc0SwZOosrQIlnTnRV1iSFBg==

GET
H2 200 csd-ext-localized-frontend.js Show response
banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/javascript/localized/ 42 B
406 B 115ms
110ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/javascript/localized/csd-ext-localized-frontend.js?ver=1568881220
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: cf8c10a6ce0c7bb56f5026c2c79aa23e98eeafb5e9fcb1835a1339ef9ff5ae4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 08:20:20 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5d833a44-2a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: in8MYVvBRBhWwpWiMPmebdrquLaHygBOjAhb9p9xFaSDV_jawv-VkQ==

GET
H2 200 jquery.min.js Show response
banyanhill.com/wp-includes/js/jquery/ 87 KB
31 KB 132ms
129ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/jquery/jquery.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-15db1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: e5lL0RcKb0aVk3m9jqPLtEA3kYLmPW-WZgwVSDKS228vZ4SceQwesw==

GET
H2 200 jquery-migrate.min.js Show response
banyanhill.com/wp-includes/js/jquery/ 11 KB
4 KB 299ms
297ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1612265592
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 11:33:12 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"60193878-2bd8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 428xxXXXQXioUefiowuROJ2gioAj7jBnjsnsn7wqKu2VRyOIexV3xA==

GET
H2 200 scripts.js Show response
banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/javascript/ 8 KB
2 KB 114ms
107ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/javascript/scripts.js?ver=1619744579
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4b99df6dac71d67c7c6b938fdce2eaa97a18ca39227fb2e7b6064594c74dcb45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 01:02:59 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"608b5743-21e4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: Lxr6MssLJ1kDCoYm5RKgPfkMd4XRpje-X0Ah110POF7junTwr71uFg==

GET
H2 200 bh-extras-shared.js Show response
banyanhill.com/wp-content/plugins/bh_extras/js/ 2 KB
1011 B 294ms
288ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/bh_extras/js/bh-extras-shared.js?date=2020-02-28-000&ver=1587607717
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 586376cc62d24636c538661fb625d9cd9b2d1830465b66569cb94bca3bb0f033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 02:08:37 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5ea0f8a5-67b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: h1_kHmfq75acRIdIL33ESyfBxJc7JhewurQUbVPPfu7okIJsfm-EtQ==

GET
H2 200 bh-magic-link.js Show response
banyanhill.com/wp-content/plugins/bh_magic_link/js/ 4 KB
2 KB 114ms
108ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/bh_magic_link/js/bh-magic-link.js?date=2020-01-27-000&ver=1581688005
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 25fb121e6d7277315aef6000e9c8a13cacbfba555f7e9d873431649506008fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:46:45 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5e46a4c5-ec9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 3qqFxsMeeDR3BF9DoXujXnOcFsF-trHCy7M39gMh2ppw9tXZxq8BRw==

GET
H2 200 ajax-scripts.js Show response
banyanhill.com/wp-content/plugins/agora-live-content/assets/ 243 B
531 B 116ms
110ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/agora-live-content/assets/ajax-scripts.js?ver=1639747021
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f3c9655e73c3cad1f691b686125ec69fb8a29e0b603b688426d0f8dc37ff2cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 17 Dec 2021 13:17:01 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"61bc8dcd-f3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: vHUWQcQ7I_W1AQ8McpxBjytnJIOy1eaUEKByY1Bh74U8G4lBfImgKA==

GET
H2 200 js.cookie.min.js Show response
banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/vendor/js/ 2 KB
1 KB 115ms
109ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/vendor/js/js.cookie.min.js?ver=1634862334
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8c8f0144e6fe8ddf98243a817fa221654be496cb497984073ac1ba8eaf418156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 00:25:34 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"617204fe-73c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: tleLW7VLwAj7vTBqIW9ZcN_jV8E38uVD9RyZGV-dHI1l-DoX75jASw==

GET
H2 200 featherlight.min.js Show response
banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/vendor/js/ 7 KB
3 KB 300ms
294ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/vendor/js/featherlight.min.js?ver=1634862334
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4ec973587aa2b7b78acc246c9165c7d5333e8522b4ab5f91027142ab45ab5d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 00:25:34 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"617204fe-1da9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: CYTtZtCBi2jctvEIB8gnpD8R_56Xvt2vxNAk6iXW-brFRtav0m_6ng==

GET
H2 200 tfs-css-plugin-sitewide-localized.js Show response
banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/js/localized/ 42 B
406 B 112ms
107ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/js/localized/tfs-css-plugin-sitewide-localized.js?ver=1634862329
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 34ea8a6e2ce6780fc080d92d2b3be6798d83b8b3d928d77ed3e012d616dd1eed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 00:25:29 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"617204f9-2a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: BuiTSsRectwdGEhC6SJ8jFPCtg7JmmDqvyCHr8l4ih3qTWNg9ch4cw==

GET
H2 200 tfs-css-plugin-sitewide.min.js Show response
banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/js/min/ 518 B
629 B 294ms
289ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/js/min/tfs-css-plugin-sitewide.min.js?ver=1634862330
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ccc64eb4a91b2bda28f92aef8697d6f0a94cda4756272b2b94b2f3ce58a4bbb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 00:25:30 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"617204fa-206"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 9S0hEmWds3Us2QqMIiLeFyRGtdyuZyTNEU_cCvnhyyIZIpNki2pwFw==

GET
H2 200 jquery.prettydropdowns.js Show response
banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/js/localized/ 26 KB
6 KB 115ms
111ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/tfs-customer-self-service-v2-master@ec572485c5a/assets/js/localized/jquery.prettydropdowns.js?ver=1634862329
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d1a444460ccad758f324c1ea3c1e26776c18607fdef7a3af6495eb9832a4a759

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 00:25:29 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"617204f9-6781"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: TiUcX-ukVDZx2lz71Ug4IJPbWiKSI7YYQTEeeGt-4FMp9byQ52CyjA==

GET
H2 200 remodal.js Show response
banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/ 7 KB
3 KB 116ms
111ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/remodal.js?ver=1649882006
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5741cfcbdeec21a37cdc6efb5dfca04034460249521b4baab5e7d7defb84921c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 20:33:26 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"62573396-1cee"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: lMbHdAMS3dOzVLxnzlR5zV4TVyifOBZXH9mHJn7dXqK_bQbCNO2WrQ==

GET
H2 200 frontend-localized.js Show response
banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/ 42 B
406 B 300ms
295ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/frontend-localized.js?ver=1649882007
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: cf8c10a6ce0c7bb56f5026c2c79aa23e98eeafb5e9fcb1835a1339ef9ff5ae4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 20:33:27 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"62573397-2a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: c7cEM5f_-B0PWykMcASw-W2bpnWix0_hUGKM-Pw-QyCy0-t2DkbaXw==

GET
H2 200 jquery.validate.min.js Show response
banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/ 63 KB
13 KB 117ms
113ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/jquery.validate.min.js?ver=1649882006
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 12878c5e14643c4260523cb8988dad5dde802ebfe236020b49a5ed17ab0e5068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 20:33:26 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"62573396-fa52"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: meoTFBHYd1KsKhUOHOrjJfxNQJKh1k467ajXcc9h5-g-9m8_v-OVmA==

GET
H2 200 jquery.inputmask.bundle.min.js Show response
banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/ 74 KB
23 KB 207ms
204ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/jquery.inputmask.bundle.min.js?ver=1649882007
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2b099eb5e34bb26a13dddcf61053924e0e2d41e8374205a0a672f1acf2cab9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 20:33:27 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"62573397-128fe"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: y8f5D81TE1pncctnMyRRDClJcdRzk0nwMea8-1A2WJvbn7NT8vw9CQ==

GET
H2 200 frontend.js Show response
banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/ 17 KB
5 KB 115ms
112ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/js/frontend.js?ver=1649882006
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 615206bf20b3dc6168e43f67b57932bbca907e11373fa38721fcb2587e70a2fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 20:33:26 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"62573396-45fe"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: rdvrX3p6ZVZ4A-IYZdMv73vli725ujuYxrjZjoCr8FRJBP1Ma6-EbA==

GET
H2 200 bh-extras.js Show response
banyanhill.com/wp-content/themes/BanyanHill_3_0/js/ 3 KB
2 KB 300ms
296ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/BanyanHill_3_0/js/bh-extras.js?date=2021-02-18-00&ver=1618363566
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 83d538cedbe77753779e1a11038fc1f2a6111a765850e7bbe691631aaf306bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 01:26:06 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"607644ae-ccc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: eKsVZhbi6OBnYnPFy3XvTlRMODsnXbsynn-s5GZPeamAwO0Z3rPsoQ==

GET
H2 200 loadCSS.min.js Show response
banyanhill.com/wp-content/themes/BanyanHill_3_0/js/ 749 B
771 B 295ms
292ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/BanyanHill_3_0/js/loadCSS.min.js?ver=1543951244
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0238e48ef02a285ad456f6ccd089b882d57687e526a8e43c236cdd5d12cba218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Tue, 04 Dec 2018 19:20:44 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5c06d38c-2ed"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: NwzWEEe4ly5a2IGOj-RSV-P3ZmOirzMwgIdMTzhNxHNc-neu7xfGog==

GET
H2 200 cssrelpreload.min.js Show response
banyanhill.com/wp-content/themes/BanyanHill_3_0/js/ 1 KB
836 B 116ms
113ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/BanyanHill_3_0/js/cssrelpreload.min.js?ver=1543951243
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d45d464223e8979c4ef8a378e026fad3a4bcff556fab4a1d611a24347b833674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Tue, 04 Dec 2018 19:20:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5c06d38b-426"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: k7V1JZgNNix3vICuyjgAhW9BVSvyhzLG99BGfvU2hBoLZyyO1wGleQ==

GET
H2 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/ 25 KB
3 KB 39ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2244005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1970
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-62a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTe%2FnREbh6U%2BBLIzNSXL1J%2F52tyTLXQD23f9Xhg%2FOpJaxXdHIqr45P79ZshL7tss0p%2BzAeTS9oDxk%2B3TMoImjdHtfiUGM5eBg3oFnLdi7khUGyRCHl7yTtBfy4J3SM5eOCb5NHkRMFqFIwKAOoOEALnC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71fe0f94c8135b44-FRA
expires: Tue, 13 Jun 2023 14:54:46 GMT

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ 29 KB
9 KB 41ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1174925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8889
timing-allow-origin: *
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-72d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxu%2FUCb6E0cay1qNzlTP3OIwrB714VyhooHFkxgKCX0C5eYWejSsnCY3XJvBqqXNIbIaq69kDwcc4NWI0Ur5TETwDCHEF2kZ3ZS1tVn%2FxDqK9GPYZyBg5Rk0d%2BTv1zOmreqCFJvAC3Qb0xJ3grCR0R8e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71fe0f94c8155b44-FRA
expires: Tue, 13 Jun 2023 14:54:46 GMT

GET
H2 200 fontawesome-webfont.woff2
banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/fonts/ 70 KB
71 KB 376ms
375ms Font
font/woff2 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/fonts/fontawesome-webfont.woff2
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Origin: https://banyanhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:46 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Fri, 30 Nov 2018 19:41:30 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: "5c01926a-118d8"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
content-length: 71896
x-amz-cf-id: ge59BHehZhHfp1Jt84eP97p9qumdV2wSh4zlp4hxE0XFd7-H1hR3tA==

GET
H2 200 conv_v3.js Show response
cdn.b0e8.com/ 67 KB
22 KB 57ms
16ms Script
application/javascript 35.190.5.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.b0e8.com/conv_v3.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.5.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.5.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 960d1f95f71be9bc4c13e06c200762c60cdc944d3289687f9d9faa6cf7b17506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:49:38 GMT
content-encoding: gzip
age: 309
x-guploader-uploadid: ADPycdt9FUa9zfm1T6DCngl9ysV6QC68fco_qgatLncN-Q-N7T24xfss37uNemq6KqpRoNW1Ey5u60sMBsLC4UhBdYKsg4HcFILQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21573
last-modified: Wed, 23 Mar 2022 23:53:55 GMT
server: UploadServer
etag: "0acedbfc86d9cc291bf807c3fe3ea666"
vary: Accept-Encoding
x-goog-hash: crc32c=lWvUnQ==, md5=Cs7b/IbZzCkb+AfD/j6mZg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1648079635204763
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 21573
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 23 Jun 2022 15:49:38 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 121ms
46ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: banyanhill.com
URL: https://banyanhill.com/wp-content/plugins/middleware-authentication-master@7e3b0aaf23a/css/frontend.css?ver=1649882003

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e03af8182fa6236495864237a24c1e3b2096839cd9d1d28121899afa8015dc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 14:38:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Jun 2022 14:54:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Jun 2022 14:54:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
73 KB 153ms
64ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQ793K8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b154f7789dbc5a452454d67af01eeb33aab6c0e632c2b5d1937f4a67b50f8019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74312
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:54:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 46ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: walh+EK/46H0RMvXBV61p5osiuj6RVctZoR146syX4yBzxTxVmW/Nap1s93Ci8GN/H0/EWqm+T576bDjSXrEig==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:54:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banyan-logo-New.png
cdn.banyanhill.com/wp-content/uploads/2014/10/06072331/ 11 KB
12 KB 76ms
9ms Image
image/png 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2014/10/06072331/banyan-logo-New.png
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc6010e2b0cc06e863e13d87d8a1fc58b6ced36a8e7d4d46dc2d4b8961f991f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 06:08:16 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Fri, 06 Dec 2019 12:25:52 GMT
server: AmazonS3
age: 13423592
etag: "95cab509d740a762babcd48d53675a69"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11756
x-amz-cf-id: 1XBA7OT1mzy0gzSkbJuIEfUSblVG0FGoWPDiMeOjcxWFim05_VTJwQ==
expires: Sat, 05 Dec 2020 12:23:31 GMT

GET
DATA 200
OK truncated
/ 763 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7ba80a221ccb4edd79e4fa774949a6683ce88b8ff45f71466aa44b12c0d3a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 132ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banyanhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 268689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 12:16:38 GMT

GET
H2 200 fontawesome-webfont.woff2
banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/fonts/ 70 KB
71 KB 344ms
344ms Font
font/woff2 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/css/font-awesome.min.css?ver=5.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://banyanhill.com/wp-content/plugins/Customer-Service-Extension/assets/vendor/css/font-awesome.min.css?ver=5.6
Origin: https://banyanhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified: Fri, 30 Nov 2018 19:41:30 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: "5c01926a-118d8"
x-cache: Miss from cloudfront
content-type: font/woff2
accept-ranges: bytes
content-length: 71896
x-amz-cf-id: _vFGLjEKzBcDy59PKvhEewZqZTGoeu1jjLNsjFhS23K_oBnsrIlqYw==

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v29/ 47 KB
47 KB 138ms
93ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C800italic%2C400%2C300%2C600%2C700%2C800&subset=latin%2Clatin-ext&ver=1655996110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://banyanhill.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:35:09 GMT
x-content-type-options: nosniff
age: 274778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47924
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 10:35:09 GMT

GET
H2 200 2883.json Show response
script.crazyegg.com/pages/data-scripts/0090/ 8 KB
2 KB 210ms
178ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0090/2883.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0090/2883.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 404fc18fe6086e2b4ab9cf9eddf81daaceb490ebbb504b516092a7eb156e929f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 71fe0f9b4ce49be6-FRA
ce-version: 11.1.450
content-length: 1662
last-modified: Thu, 23 Jun 2022 14:54:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ados.js Show response
static.adzerk.net/ 37 KB
9 KB 61ms
8ms Script
application/x-javascript 143.204.89.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adzerk.net/ados.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c05e33e6c4251ad52eb977a7c942acd52fca8c4bb96d109d3314160e447a0e27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: vdr5nnZmBF0vAiuQpd0vthGzTSPUI.gW
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 19:12:32 GMT
server: AmazonS3
age: 546917
etag: "89a54f00253492ab480039e02a27f9c1"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
date: Fri, 17 Jun 2022 07:00:46 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8887
x-amz-cf-id: u2DW8Z94jBlcLw2uga88txIYameh6T4gYMWqdbNnDld07KkEfZdSGA==

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1 KB 39ms
6ms Script
application/javascript 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c3c65f927da48a919f53c62fbfb1c76bef32c8766923e8a02b618d7f793c42c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:54:47 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
etag: W/"4b0a5d3a4c3fbe3dc0225397ba16660b"
age: 1976
x-77-cache: HIT
x-cache: HIT
x-age: 1663
content-encoding: br
vary: Accept-Encoding
x-77-nzt: AdRmOI1UE4r/fwYAAA
x-accel-expires: @1655998024
last-modified: Thu, 23 Jun 2022 09:45:41 GMT
server: CDN77-Turbo
x-77-nzt-ray: Y5scaFLcfFE
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ulY7Wh9gz-lQXlEOiBPIkJICQAhW3Gd-pZXgJ0qM6Jt7oNZCzotxYg==

GET
H2 200 core.min.js Show response
banyanhill.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 107ms
106ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/jquery/ui/core.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-50ea"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: puYL1kgCzhLwEMIjaTSaUJJDBAweSDziT7vnzNglWcsHJFoQvMeizQ==

GET
H2 200 menu.min.js Show response
banyanhill.com/wp-includes/js/jquery/ui/ 10 KB
3 KB 106ms
105ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/jquery/ui/menu.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2abc07f83e0a9c350b5580983d7eb8249eb5848c40e4762770297b9e67eba974

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-2784"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 0sKT3rH_0luM5v4PhD_gHYiUpd0f4ymEAfbmMui-3OHB3_R1AfOLzg==

GET
H2 200 regenerator-runtime.min.js Show response
banyanhill.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 300ms
299ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-195e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: ZrwcR-XQxrUHuaKqzauSL5DctC7z5CjTDfBkbUmem4PoMq4Cf-zUrA==

GET
H2 200 wp-polyfill.min.js Show response
banyanhill.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 109ms
108ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-4b3d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: VNcxaUhZ-No0F9Orvph3XiskY9EJYMOTGCxQzG0pysIKrQf1meIVwA==

GET
H2 200 dom-ready.min.js Show response
banyanhill.com/wp-includes/js/dist/ 1 KB
949 B 107ms
106ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/dist/dom-ready.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-4e9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: uCCw0ugybgLiB3iXPaG9C9lDRmIwLaYKtomO2hZfRZmg5njKr9UOiw==

GET
H3 200 269110233792003 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 239ms
229ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/269110233792003?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e843ffb619170cd2c6f28a5b348fc6fa67624c851aafde82d42fa0e45fef277

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: BzammQk3Hsi3SV4Yb69uJKSFN+oVuIXMf1tSvyxHczy+UKF2RI+H7H4ZA059E3Qt92yo3Ijlx8WCnkK2N2JATg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:54:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655996087829
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hooks.min.js Show response
banyanhill.com/wp-includes/js/dist/ 6 KB
2 KB 107ms
107ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/dist/hooks.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-163a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 8X1mPjjN5VC8CKchEZt35VlO32pYQ6gdCxYP0xG6LOdb6kaqWPRmaw==

GET
H2 200 i18n.min.js Show response
banyanhill.com/wp-includes/js/dist/ 10 KB
4 KB 110ms
110ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/dist/i18n.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-28a7"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: zsPeymU_k4QkvOnb3RI7EdFpwAGbmMmzW6IT6RyJVYKbAg7RUpIoig==

GET
H2 200 a11y.min.js Show response
banyanhill.com/wp-includes/js/dist/ 3 KB
1 KB 107ms
107ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/dist/a11y.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-bfd"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: MHjpAs-xDNpf0kfkAC2M3Wd1Ma9X28KKVXVsZSXyl7-wTiNbDWcqsA==

GET
H2 200 autocomplete.min.js Show response
banyanhill.com/wp-includes/js/jquery/ui/ 8 KB
3 KB 107ms
107ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 21c7b4a55ddcf0f40806dbec924729bd87dca55501380f6e6069b9f6e3492437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-214f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: wjR4515FtlSAwaeZq_F7uMT-oGO14szB6wrkFM_nCeW8D2ErPQa_IQ==

GET
H2 200 datepicker.min.js Show response
banyanhill.com/wp-includes/js/jquery/ui/ 36 KB
11 KB 294ms
294ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1645777903
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1b70442a2fac7e63b6019ea409f5eeceb4f2dc2ade831d7350d72316b8c6ee1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 08:31:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"621893ef-8f8f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: PLgarBtRlrGAPwMhbQGMJhQmxqkbXSjATqGbt1IKn_xUfGoZAW6UIw==

GET
H2 200 idle-timer.min.js Show response
banyanhill.com/wp-content/plugins/monarch/js/ 3 KB
1 KB 110ms
109ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1619692124
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 80fa756dda143f69fb3ce750e905cc8188150dc4c6b7539bf3627fe26530b405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 10:28:44 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"608a8a5c-a4b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: W-SpPT8lOeahX0Q4i6Ohp7iWSMhnXkT962MJ6cdmTfp85DBPAWmVOg==

GET
H2 200 custom.js Show response
banyanhill.com/wp-content/plugins/monarch/js/ 26 KB
6 KB 107ms
106ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/monarch/js/custom.js?ver=1619692124
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 43b5c9ad80f0a5d1c63568583e9cf6cd5ca8454a680f4ee80d5d63d00b15a360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 10:28:44 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"608a8a5c-6855"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: fmD2l3k2J9I1XQ8kl0fuYZeCpuCoZQHHV6cdXZAOKNeF-Us1eyDN2g==

GET
H2 200 masonry.min.js Show response
banyanhill.com/wp-includes/js/ 24 KB
8 KB 108ms
107ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-includes/js/masonry.min.js?ver=1597823166
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 07:46:06 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5f3cd8be-5e4a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: e2XUcTE5iLoCK1CUNtDz8994RSfwQ1VzmC-6jV51U8AlNu08n18Rqw==

GET
H2 200 scripts.min.js Show response
banyanhill.com/wp-content/themes/Extra/scripts/ 308 KB
84 KB 387ms
386ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/Extra/scripts/scripts.min.js?ver=1647391938
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 220af1ef78cf772eb36f09513fc5b8538b8edaff7ba01b5e93170b51966889f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 00:52:18 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"623134c2-4cf46"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: gI_YmQ5yHDfV-JwWIkdkbdqjiMKTWJzq9_kBWCagslV6JN8rvV7feA==

GET
H2 200 sweetalert2.all.min.js Show response
banyanhill.com/wp-content/plugins/highlight-and-share/js/ 71 KB
19 KB 111ms
111ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/highlight-and-share/js/sweetalert2.all.min.js?ver=1629866954
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0bb21a0a8ea437744dd848ce70ce9610c9b291057c98aef6088d63c7492a7998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 04:49:14 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"6125cbca-11c3c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: zTSLgrpZsjHdouCnNpoR6NhQbk4WHaiTMcNfy2q5eJLFgrQJsFCKeA==

GET
H2 200 highlight-and-share.js Show response
banyanhill.com/wp-content/plugins/highlight-and-share/js/ 22 KB
4 KB 300ms
300ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/plugins/highlight-and-share/js/highlight-and-share.js?ver=1629866954
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a058c1724cf945f5c5d02681ceb956fd254e1f331b9f6aa57080832003ae114f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 04:49:14 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"6125cbca-5941"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: gSJOVV3iQeFJ_qodZlbvJGKZNhfVN8GRZiXqmENlGRjZKnV7Xmsuzw==

GET
H2 200 common.js Show response
banyanhill.com/wp-content/themes/Extra/core/admin/js/ 1 KB
911 B 287ms
287ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/Extra/core/admin/js/common.js?ver=1647391822
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 00:50:22 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"6231344e-53f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: oc7ljcduMOLEmPnx6H9nodeWeAsTNYuNXjSUjKfpL5yKpYfbU5kuBA==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 88ms
46ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1655996112
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 71fe0f9c69339bfe-FRA
date: Thu, 23 Jun 2022 14:54:47 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 26 Jun 2022 14:54:47 GMT

GET
H2 200 jquery.matchHeight.js Show response
banyanhill.com/wp-content/themes/BanyanHill_3_0/js/ 11 KB
3 KB 298ms
298ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/BanyanHill_3_0/js/jquery.matchHeight.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 93cc9435e27506670af0bbe13216970ce2a78cff112642ff2f63b0484846d13a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Dec 2018 15:26:02 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5c0fd70a-2dd6"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: sRaORB7LnQhkrvYxgbNRIpGN-DBN6RMG47mn8dz_BSPjDV-fCdA1Rg==

GET
H2 200 jQuery.verticalCarousel.js Show response
banyanhill.com/wp-content/themes/BanyanHill_3_0/js/ 3 KB
1 KB 288ms
288ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/BanyanHill_3_0/js/jQuery.verticalCarousel.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e803cef0ceb0a4fb09354dc0a97dbee2ef087d7b4e92e75ab6544914573ba4c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Tue, 04 Dec 2018 19:20:43 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"5c06d38b-d29"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 4EuYuBQZE6KmMTJW6qjNMKjyrOsvKUwYxk9r4ifDAC93spVT_kM3vA==

GET
H2 200 banyanhill.js Show response
banyanhill.com/wp-content/themes/BanyanHill_3_0/js/ 13 KB
3 KB 291ms
290ms Script
application/javascript 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/themes/BanyanHill_3_0/js/banyanhill.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 135092bde5a99852e036d26f5168c66bdf73da98b116f3d986ac1947e16a8db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 11:20:03 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
x-powered-by: PleskLin
etag: W/"6141d6e3-34d8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: jqPNlw5f3tlMZxbVC2MC9mlRaxtRPLi-wRarcbOuEgpFlU9bPPeetA==

GET
H2 200 / Show response
banyanhill.com/wp-content/signup/ Frame 541A 12 KB
4 KB 112ms
109ms Document
text/html 2600:9000:2156:6800:13:4c2:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banyanhill.com/wp-content/signup/?buttontext=Sign%20Me%20Up!&emailtext=Enter%20Email%20Address&xcode=X190XB41&position=sidebar&
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:13:4c2:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PHP/7.4.30 PleskLin
Resource Hash: 294c559aebb5b441f08be557454e2e38c0574477f87ed59f49c8dac563248f39

Request headers

Referer: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 3837
content-type: text/html; charset=UTF-8
date: Thu, 23 Jun 2022 14:54:47 GMT
expires: Thu, 23 Jun 2022 14:55:12 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: 8bfwCV1JB8y5E5F70ciiRVOt-P1GEN6GUvPX_vdSK-M_SGw9LrkWcA==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-cache-status: BYPASS
x-powered-by: PHP/7.4.30 PleskLin

GET
H2 200 shutterstock_164252669-440x264.jpg
cdn.banyanhill.com/wp-content/uploads/2022/06/22130348/ 18 KB
18 KB 15ms
11ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2022/06/22130348/shutterstock_164252669-440x264.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06d4463517b7fc10f33fc3416cbfa376c2903b53e934b1647d17e5649b7cea89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:00:26 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 17:03:25 GMT
server: AmazonS3
age: 68062
etag: "670af7b85f6210f0c044c477811cc792"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 18347
x-amz-cf-id: M4nU-pOtQIYrOwRmzGyitKRqHIkCdo8E11iAcrbEUP--1431CK2mdg==
expires: Thu, 22 Jun 2023 17:03:48 GMT

GET
H2 200 shutterstock_551091415-440x264.jpg
cdn.banyanhill.com/wp-content/uploads/2022/06/22144659/ 16 KB
17 KB 16ms
12ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2022/06/22144659/shutterstock_551091415-440x264.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe11bb0de6fe95c950bf8de1dd00bc589824bcf775f7c8afcc4ab3f6c245302a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:31:40 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 18:46:36 GMT
server: AmazonS3
age: 69788
etag: "3552af04b7a450fa72a81d84668c90eb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16704
x-amz-cf-id: YeG4rRkAnSrOIm9wpfWPkzrVN0kQ7nPn3XLm19oUfadok4Ri_TNnww==
expires: Thu, 22 Jun 2023 18:46:59 GMT

GET
H2 200 shutterstock_1846264849-150x150.jpg
cdn.banyanhill.com/wp-content/uploads/2022/06/22114504/ 6 KB
7 KB 17ms
13ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2022/06/22114504/shutterstock_1846264849-150x150.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a78520f25323627228481f48b701379bbac20fdacd0529cf092837c1a3593153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:00:26 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 15:44:41 GMT
server: AmazonS3
age: 68062
etag: "4119cfc413f939c4fc681d207f899b25"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6472
x-amz-cf-id: h_mW2DhD5CBCQtIGbVx9j806c2_y1hwqSmZ25r3m9pfJKWzt6ZQeAA==
expires: Thu, 22 Jun 2023 15:45:04 GMT

GET
H2 200 RTD-Bull-Market-6.21.22-150x150.png
cdn.banyanhill.com/wp-content/uploads/2022/06/21162603/ 10 KB
10 KB 20ms
17ms Image
image/png 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2022/06/21162603/RTD-Bull-Market-6.21.22-150x150.png
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6e9d347fc3440a53bae1ed1cf15aa76595b223cc069fa8baecd9d43bb4b6e64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 09:20:57 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 20:25:40 GMT
server: AmazonS3
age: 106431
etag: "838813386af2c9a0c8d7dd0ffdbd518a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9921
x-amz-cf-id: GVQZ8QgAHD7dlgkPtKjjaizM3TT64xYkcySM7Y1t5-FKB17xnu47kA==
expires: Wed, 21 Jun 2023 20:26:03 GMT

GET
H2 200 Bauman_StocksPortfolio-150x150.png
cdn.banyanhill.com/wp-content/uploads/2022/06/21155857/ 12 KB
12 KB 20ms
17ms Image
image/png 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2022/06/21155857/Bauman_StocksPortfolio-150x150.png
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9280e8767512295a83dfc018d27bdec6ea438b8dd94c589ee205fc0e7d203bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 21:20:10 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 19:58:34 GMT
server: AmazonS3
age: 149678
etag: "7fd106b80f5d94ca7850c54da972c63d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11924
x-amz-cf-id: OhnD9fF4ZA4urA6KdiWtP2tJX3dN8lufJ3D6FkkrClU_eRG96mjoRA==
expires: Wed, 21 Jun 2023 19:58:57 GMT

GET
H2 200 RTD-Bull-Market-6.21.22-440x264.png
cdn.banyanhill.com/wp-content/uploads/2022/06/21162603/ 35 KB
35 KB 21ms
19ms Image
image/png 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2022/06/21162603/RTD-Bull-Market-6.21.22-440x264.png
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53623528b30237d8b602c4b67204b09e64cba6e3f8e7c6fb99e416eceb2a3bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 21:20:10 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 20:25:40 GMT
server: AmazonS3
age: 149678
etag: "24c18bf6a2e1be92b9d853145ca073a3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35721
x-amz-cf-id: P9i2gVRoBkg6vnjR4CPNuCEDojIgBc7-g4hkti9b0tqicFxDJS0BQg==
expires: Wed, 21 Jun 2023 20:26:03 GMT

GET
H2 200 Bauman_EndToFedsFury-150x150.png
cdn.banyanhill.com/wp-content/uploads/2022/06/17140907/ 16 KB
17 KB 27ms
25ms Image
image/png 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2022/06/17140907/Bauman_EndToFedsFury-150x150.png
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09be14bab0923658036490b3c8d2d52aa6a269e5743c3f904bf56c4ffdaaff45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:01:18 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 18:08:44 GMT
server: AmazonS3
age: 68010
etag: "c420ca124fdf017ee3c9df69ab79dc09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16517
x-amz-cf-id: K4T5jZPxU-zBjSwo4k63nje9n3HwE4XAy4QSlYu08YK4Ad3K1D40gQ==
expires: Sat, 17 Jun 2023 18:09:07 GMT

GET
H2 200 interest-rates-etf-150x150.jpg
cdn.banyanhill.com/wp-content/uploads/2021/02/22135439/ 11 KB
12 KB 27ms
25ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2021/02/22135439/interest-rates-etf-150x150.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54018d930bba2f850585a4f0b5f1d0a3bb4ada0a9bc364bfdc21ed9928a254f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 21:20:14 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Mon, 22 Feb 2021 18:55:05 GMT
server: AmazonS3
age: 495274
etag: "772ccf32d92bc2b4faeea43963a366f1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11507
x-amz-cf-id: nNwD6y1q3KGG7Ots8ergU6_1Qkz7QsiTTQOiQAsd0m0hLsoFFmb83w==
expires: Tue, 22 Feb 2022 18:54:39 GMT

GET
H2 200 shutterstock_2155329819-150x150.jpg
cdn.banyanhill.com/wp-content/uploads/2022/06/17131401/ 8 KB
9 KB 28ms
26ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2022/06/17131401/shutterstock_2155329819-150x150.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51bce81cb8ad6140d00ce7215a53b80b836af8b868cd102d608e906511311ded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 21:02:16 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 17:13:37 GMT
server: AmazonS3
age: 496352
etag: "5ad331f01f1d8831a1b1cdaf2faeeb8a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8663
x-amz-cf-id: dEiTISbhwCZvFgJ31HlIheT9seRzReQT1xFm1LLWrVD41D3iUlcLUQ==
expires: Sat, 17 Jun 2023 17:14:01 GMT

GET
H2 200 Lina_Lee_600x700-150x150.jpg
cdn.banyanhill.com/wp-content/uploads/2020/08/23165051/ 7 KB
7 KB 30ms
28ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2020/08/23165051/Lina_Lee_600x700-150x150.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41b6218b59ed4f01d3403b79b56c49fe39490b901a5964b23c3bd0f67ba51dc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 07:20:13 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Fri, 23 Jul 2021 20:49:53 GMT
server: AmazonS3
age: 1409675
etag: "d494c2eb4481c97978bf91074c579c33"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7018
x-amz-cf-id: qEI5llEdcQnXNnUAnZbwMO9kFl1W6Ch9iIhRilmVfFFFr8_Cb6VijA==
expires: Sat, 23 Jul 2022 20:50:51 GMT

GET
H2 200 600x700_AngelaJirau-150x150.jpg
cdn.banyanhill.com/wp-content/uploads/2020/01/07125347/ 7 KB
8 KB 29ms
28ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2020/01/07125347/600x700_AngelaJirau-150x150.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8aa696a6d76ad2c1efefe9ae88e1f83075174b3e34e1a85b803506c3be5e6a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 02:02:34 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Wed, 07 Oct 2020 17:01:53 GMT
server: AmazonS3
age: 823934
etag: "4a0fd8b896c8135c57498db56dab5295"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7308
x-amz-cf-id: 1tTOVEbyo4kruPzTkCdTc4VTHFf--3Wdr_4atu6XJT_WELvSUwTFeQ==
expires: Thu, 07 Oct 2021 17:01:40 GMT

GET
H2 200 Ian_Dyer_600x700-1-150x150.jpg
cdn.banyanhill.com/wp-content/uploads/2017/08/24160002/ 5 KB
6 KB 28ms
27ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2017/08/24160002/Ian_Dyer_600x700-1-150x150.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98e053eb3e96686cf8a78b8f96b8d014bd37cee20fe44116b7dcef914588d460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 31 May 2022 03:09:29 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Thu, 24 Jun 2021 19:59:19 GMT
server: AmazonS3
age: 2029519
etag: "30cbb72682934e9b6fe58bb356926737"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 5566
x-amz-cf-id: EEk8fJC9zrF8ccEMa9oP-Ch7et17CUXTxn134gyqnpK24YBsURsBWQ==
expires: Fri, 24 Jun 2022 20:00:02 GMT

GET
H2 200 600x700_TiffanyDAbate-150x150.jpg
cdn.banyanhill.com/wp-content/uploads/2020/07/07123612/ 6 KB
7 KB 27ms
26ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2020/07/07123612/600x700_TiffanyDAbate-150x150.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc45bd939ed7914eb25aea41962666969baedd398485f1dbd76699d220f01153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 01:57:26 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Wed, 07 Oct 2020 16:41:38 GMT
server: AmazonS3
age: 1861042
etag: "f59a8e4b34f8033c93da4cdff5f183b2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6588
x-amz-cf-id: V-Lvj4_c4FyPjTbSSQy1U9_yZzg1xzmJzv0suLFQX3jDsX18-Kfnsg==
expires: Thu, 07 Oct 2021 16:41:25 GMT

GET
H2 200 Daniel_Shifflett_600x700-150x150.jpg
cdn.banyanhill.com/wp-content/uploads/2021/06/24111112/ 19 KB
19 KB 28ms
27ms Image
image/jpeg 2600:9000:2156:e600:7:abf4:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.banyanhill.com/wp-content/uploads/2021/06/24111112/Daniel_Shifflett_600x700-150x150.jpg
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:7:abf4:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c92790452e080beaea7b6f83a227fb99a917bf688c14e24fd14a4e10b81ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:54:10 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Thu, 24 Jun 2021 15:10:29 GMT
server: AmazonS3
age: 1245638
etag: "75bfb0237a95c2ce151fa3ba0196efea"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19195
x-amz-cf-id: Y7277n3F45Y6gat1x3g8Thc_gzo7yQ-n_B58F6p9_1gyi35_c1ZX2Q==
expires: Fri, 24 Jun 2022 15:11:12 GMT

GET
H2 200 11.1.450.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 86 KB
28 KB 22ms
21ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.450.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0090/2883.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a9df0e30704e3f22c22bcf30a3c554a48aa9e660ced08626bfafae1c6525e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 23 Jun 2022 14:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Jun 2022 14:33:23 GMT
server: cloudflare
age: 1336
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 71fe0f9cedf0913d-FRA
content-length: 28081

GET
H2 200 widget_app_base_1655977387219.js Show response
cdn.userway.org/widgetapp/2022-06-23/ 115 KB
32 KB 16ms
15ms Script
application/javascript 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-06-23/widget_app_base_1655977387219.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 821b95ee2680967cd414f8595b8b56e6c75ec0d5518b736e64aca1519ee7d2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:54:47 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
etag: W/"bb2c6497bcad66f72142aaed4a677d0a"
age: 288
x-77-cache: HIT
x-cache: HIT
x-age: 17754
content-encoding: br
vary: Accept-Encoding
x-77-nzt: AdRmOI1mnAT/WkUAAA
x-accel-expires: @1681898333
last-modified: Thu, 23 Jun 2022 09:45:40 GMT
server: CDN77-Turbo
x-77-nzt-ray: uxk2sx/7wS0
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: UHVd5zT-mB69yToglvIEDDcR1M6UGvTO0Ks5NJsB9qOf6VnggHKmhg==

GET
H2 400 ados
e-10203.adzerk.net/ 0
0 366ms
104ms Script
text/html 54.243.52.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://e-10203.adzerk.net/ados?t=1655996087827&request=%7B%22Placements%22%3A%5B%7B%22A%22%3A10203%2C%22S%22%3A1087804%2C%22D%22%3A%22azk636362%22%2C%22AT%22%3A5%2C%22Z%22%3A%5B207087%5D%7D%2C%7B%22A%22%3A10203%2C%22S%22%3A1087804%2C%22D%22%3A%22azk580314%22%2C%22AT%22%3A5%2C%22Z%22%3A%5B207088%5D%7D%5D%2C%22Keywords%22%3A%22finance%22%2C%22Referrer%22%3A%22%22%2C%22IsAsync%22%3Atrue%7D
Requested by: Host: static.adzerk.net
URL: https://static.adzerk.net/ados.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.52.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-52-94.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:48 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"e-yaO8+BbIbL4Rz3t327ybkyYivvI"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 14
x-served-by: bifrost-production-shard001-us-east-1e-i-0866be0bea33c5321

GET
H2 200 brightedge3.php
a1.b0e8.com/ 35 B
227 B 61ms
20ms Image
image/gif 34.111.78.58
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a1.b0e8.com/brightedge3.php?id=f00000000164305&p_id=AL2L2A4JJNN4RN8APP4NAP64RAAAAAAAAH&bf=477264b3b4ce0eb1ec7ca1dd4f14783b&url=https%3A//banyanhill.com/whitelist/%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&ref=&bn=1&bv=3.44&title=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&metadesc=&metakeywords=&s_id=AL2L2A4JJNN4R4JLPRNNAP64RAAAAAAAAH
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.78.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.78.111.34.bc.googleusercontent.com
Software: bws/1.0 /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-be-pop: BRU-1-301
date: Thu, 23 Jun 2022 14:54:45 GMT
via: 1.1 google
last-modified: Wed, 23 Jun 2021 22:46:15 GMT
server: bws/1.0
etag: "60d3b9b7-23"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 4 KB
2 KB 38ms
7ms Script
application/javascript 143.204.89.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-75.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:51:30 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 08 Feb 2022 00:38:50 GMT
Server: AmazonS3
Age: 198
ETag: "e180e60ec878d69551a1c449b37c6552"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 1990
X-Amz-Cf-Id: 4YGInJb_8Vk2OqW57fr-4VxzDWc61nRPzPvZxJJ1wFKXZBrixgRQUQ==

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 48ms
29ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1655996112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 71fe0f9d79c29180-FRA
date: Thu, 23 Jun 2022 14:54:47 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 653
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 26 Jun 2022 14:54:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
299 B 31ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=269110233792003&ev=PageView&dl=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&rl=&if=false&ts=1655996087907&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655996087906.183101206&it=1655996087593&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 23 Jun 2022 14:54:47 GMT

POST
H2 200 SLz0nq5W5I Show response
api.userway.org/api/tunings/ 2 KB
2 KB 518ms
169ms XHR
application/json 44.228.83.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/SLz0nq5W5I
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-06-23/widget_app_base_1655977387219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.83.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-83-169.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7a65217f8529b5f38488d52e9c6941e9dc1488dac71f52dfec48875f13fdb256

Request headers

Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
etag: W/"63f-h3lFzYcxASoJOS1wQhT2xeX+WQw"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 1599
x-service-version: uw-pr

GET
H2 200 2883.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0090/ 504 B
364 B 214ms
213ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0090/2883.json?t=459998
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.450.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 258f27d32db80bfede9c06920719778d140049f12bf05d48f2219bf062d9395d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
cf-ray: 71fe0f9d88889be6-FRA
ce-version: 11.1.450
content-length: 252
last-modified: Thu, 23 Jun 2022 14:54:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 541A 85 KB
30 KB 146ms
38ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: banyanhill.com
URL: https://banyanhill.com/wp-content/signup/?buttontext=Sign%20Me%20Up!&emailtext=Enter%20Email%20Address&xcode=X190XB41&position=sidebar&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jun 2023 14:07:18 GMT

GET
H/1.1 200
OK bh-process-lead.js Show response
s3.amazonaws.com/BanyanHillWebTeam/scripts/ Frame 541A 9 KB
9 KB 110ms
109ms Script
application/javascript 52.217.169.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/BanyanHillWebTeam/scripts/bh-process-lead.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/wp-content/signup/?buttontext=Sign%20Me%20Up!&emailtext=Enter%20Email%20Address&xcode=X190XB41&position=sidebar&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 798a8d0609f5d0b0110df6d749abe4e441ab95d41f012bc84faa671b0ba24bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:48 GMT
Last-Modified: Mon, 29 Jun 2020 17:35:27 GMT
Server: AmazonS3
x-amz-request-id: ZQ80S9KYJ27DTWMY
ETag: "5d641e04e57b9274f71abad971d80ad0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8783
x-amz-id-2: VHqyP8NY2EF38fkVJdb91S8mF3B3k5kgShNInoWTz6egDMkvhStjXjKNfDVozReTPAT7CBpeLRo=

GET
H2 200 carl.js Show response
carl.pubsvs.com/ Frame 541A 7 KB
3 KB 385ms
113ms Script
application/javascript 54.161.143.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://carl.pubsvs.com/carl.js

Requested by

Host: banyanhill.com
URL: https://banyanhill.com/wp-content/signup/?buttontext=Sign%20Me%20Up!&emailtext=Enter%20Email%20Address&xcode=X190XB41&position=sidebar&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.161.143.126 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-143-126.compute-1.amazonaws.com

Software

Apache / PHP/7.4.28

Resource Hash

b5b80768b092f3ee9c56f9f20965b4d88bdcfca464a2a5feefababcfc3dd9d87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none', default-src 'self' https://cdnjs.cloudflare.com https://code.jquery.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com
Strict-Transport-Security	max-age= 31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-powered-by: PHP/7.4.28
x-frame-options: DENY
content-type: application/javascript
cache-control: no-cache
content-security-policy: frame-ancestors 'none', default-src 'self' https://cdnjs.cloudflare.com https://code.jquery.com https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com
strict-transport-security: max-age= 31536000; includeSubDomains
vary: Accept-Encoding
content-length: 1552

GET
H2 200 web Show response
onesignal.com/api/v1/sync/64d59a5e-bd91-4e29-af75-2f9ed71ad095/ 3 KB
2 KB 47ms
32ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/64d59a5e-bd91-4e29-af75-2f9ed71ad095/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3037d25b7bbd2467573f98840f8d7d50dfc0c9356a4a6535d5723b947aef7200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 2438
cf-polished: origSize=3400
status: 200 OK
x-envoy-upstream-service-time: 62
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 85ad7f32-809a-49a9-8aa7-21035e48a78f
x-runtime: 0.060665
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"37f4782c41210b3e619361441713e9d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 71fe0f9e1c359bfe-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 23 Jun 2022 15:54:48 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 24ms
24ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 71fe0f9e6b479180-FRA
date: Thu, 23 Jun 2022 14:54:48 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 654
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 23 Jul 2022 14:54:48 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
415 B 36ms
8ms XHR
binary/octet-stream 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.450.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:11:21 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 6497008
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: h7dSAp2YGci1c_-8e32MF0onuOrhnxqS1n5jifGye-259eFpslB0MQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
420 B 42ms
9ms XHR
binary/octet-stream 143.204.89.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.450.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-96.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 13:24:28 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 15903021
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: LBFlS62cGBUPlH_POZgKi8Q1v3l6BTseRwcaUNVdYxkNOchPPXp-ng==

GET
BLOB 200
OK c66cb7b7-a565-400c-bf26-86f3f93f5ae0
https://banyanhill.com/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://banyanhill.com/c66cb7b7-a565-400c-bf26-86f3f93f5ae0
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H/1.1 200
OK liveContent.js.gz Show response
s3.amazonaws.com/cloudcollective/scripts/assets/liveContent/ 12 KB
4 KB 112ms
111ms Script
text/javascript 52.217.169.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cloudcollective/scripts/assets/liveContent/liveContent.js.gz?callback=jQuery36009251812675617994_1655996086643&_=1655996086644
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/wp-includes/js/jquery/jquery.min.js?ver=1645777903
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.169.184 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 937a994fdaf1bc396f4b2f63848c10d9cb4f33b4698bb736c8d9894ebd021d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2022 15:04:58 GMT
Server: AmazonS3
x-amz-request-id: 5W4W2MYRRB5FCYP4
ETag: "151e9e19e744c7efad28ceb8dd49ef0f"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 3323
x-amz-id-2: I8+xng/y1ODwc7pFxcL25dSohy/buEaHb1T9vBbZIt79NNEHL3kZFj4beRDZboNk+WH7aTVbnoc=

GET
H2 200 clock Show response
tracking.crazyegg.com/ 29 B
137 B 131ms
53ms XHR
text/plain 52.48.114.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1655996088234
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.450.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.114.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-114-92.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 260b040e4641ec0f01c0f4eb2c3e2f4ef2ebacf67ca691b1c0394c861a3f23f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 14:54:48 GMT
cache-control: no-store
server: awselb/2.0
content-length: 29
content-type: text/plain

GET
H2 200 bhsyncjs.php Show response
myalphaspace1.com/www/dlv/ 0
0 500ms
126ms Script
text/html 35.209.5.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://myalphaspace1.com/www/dlv/bhsyncjs.php?_=1655996086645
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/wp-includes/js/jquery/jquery.min.js?ver=1645777903
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.5.166 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 166.5.209.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 101ms
46ms Script
text/javascript 2a00:1450:4014:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ793K8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2666
date: Thu, 23 Jun 2022 14:10:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Jun 2022 16:10:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 65ms
37ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ793K8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4538094C7A074CE9B0887BE5BCF86635 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 23 Jun 2022 14:54:47 GMT
accept-ranges: bytes
content-length: 11360

GET
H3 200 305301623418080 Show response
connect.facebook.net/signals/config/ 289 KB
83 KB 63ms
63ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/305301623418080?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c152a2f93ff6ae50acd78fe23dc225561c3247bda5ccb5ad5d89dbe542ef4b93

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: DLH6jQITumRL5OO1VzAF5Wb5XXv6VBxC7UUNLtGUn/qr4svj1prxMYIrLY3Sp7vdomzwhTZzYFZ4MKwU3K2D+g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:54:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655996088409
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 399ms
103ms Script
text/javascript 52.22.221.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.221.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-221-234.compute-1.amazonaws.com
Software: /
Resource Hash: a8d49d420df5bb39ab20c587880f1c392b7468a5ea3c352b191ec840d1f3d967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 23 Jun 2022 14:54:48 GMT
Content-Encoding: gzip
Cache-Control: max-age=5
Content-Length: 5405
Connection: keep-alive
Content-Type: text/javascript

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 40ms
7ms Script
application/x-javascript 23.35.229.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: banyanhill.com
URL: https://banyanhill.com/whitelist/?bsft_aaid=6861be0c-8f3e-4d35-8112-646efb160bf2&bsft_eid=c198ae83-f912-f5f3-21e8-9432c60a343d&utm_source=blueshift&bsft_clkid=225b3375-3246-43f9-8d8e-42dc87074db2&bsft_uid=fa875640-2100-4dda-b6a5-51ce26c9a245&bsft_mid=5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5&bsft_utid=fa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES&bsft_mime_type=html&bsft_ek=2022-06-22T19%3A55%3A20Z&bsft_lx=23&bsft_tv=5&messaging_tags=062222-wid-free&pk=b6d4e0a36747d8f577f05db5eb16e730&utm_campaign=062222-wid-free&utm_medium=email&vid2=d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.229.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3249
Expires: Thu, 23 Jun 2022 15:14:48 GMT

GET
H2 200 ptrk.js Show response
itm.itstracking.com/ 7 KB
8 KB 286ms
166ms Script
text/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://itm.itstracking.com/ptrk.js?pageType=universal&partner=banyan
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ793K8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1eab194c0cbe03aae9e0c073dc85f20e7e436e4ff91230434876003f4d46de8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
server: Google Frontend
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 269469c148b11adc99803e87c31b966d
cache-control: private
content-length: 7399
expires: Thu, 23 Jun 2022 14:54:48 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 361ms
83ms Script
application/javascript 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00d73f858c290604730c56b8b80092e909
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: gzip
X-TraceId: 2dec72d233bcd4ab6e3e5b10e8fb3839
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 360ms
82ms Image
image/gif 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00d73f858c290604730c56b8b80092e909&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&optOut=false&bust=06674329653214248&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:48 GMT
Cache-Control: no-cache
X-TraceId: c9203383171d2629cd87d7fe8516866f
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 204 20121258.js Show response
bat.bing.com/p/action/ 0
138 B 199ms
199ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/20121258.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ADAA4ECCE24946808E8BE09591E23CE6 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 23 Jun 2022 14:54:47 GMT

GET
H2 204 0
bat.bing.com/action/ 0
177 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=20121258&tm=gtm002&Ver=2&mid=0e921c42-a3d7-406f-b545-a5486b423244&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&p=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&r=&lt=3877&evt=pageLoad&msclkid=N&sv=1&rn=44852

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5AB7967D65654C978A327CD8B18EB853 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1086300758378777 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 59ms
58ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1086300758378777?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5eee1e6789bc63dfe2a55ee34e1f8f32a67cfef24f812c2fc2e8a7ca9d0b0cb9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: lRuYS2n5pqGocK2ScTI6EAo2pIGeBp5GwD+oBCL7vwj6YwGeO0GTPwXOo9x/Q/s7rSi7dDyC8JDbxvJvkKnUAw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Jun 2022 14:54:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655996088486
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=305301623418080&ev=PageView&dl=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&rl=&if=false&ts=1655996088431&sw=1600&sh=1200&v=2.9.62&r=stable&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22734698344033393%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22648362079110462%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1655996087906.183101206&it=1655996087593&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:54:48 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 100ms
58ms XHR
text/plain 2a00:1450:4014:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1154655045&t=pageview&_s=1&dl=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&ul=en-us&de=UTF-8&dt=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=852358746&gjid=1129015658&cid=1182154653.1655996088&tid=UA-90306782-1&_gid=1634441167.1655996088&_r=1&gtm=2wg6f0NQ793K8&cd6=General&z=1875844217

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://banyanhill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1086300758378777&ev=PageView&dl=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&rl=&if=false&ts=1655996088510&sw=1600&sh=1200&v=2.9.62&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1655996087906.183101206&it=1655996087593&coo=false&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 23 Jun 2022 14:54:48 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4338 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://banyanhill.com
Referer: https://banyanhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://banyanhill.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:54:48 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-90306782-1&cid=1182154653.1655996088&jid=852358746&gjid=1129015658&_gid=1634441167.1655996088&_u=YEBAAAAAAAAAAC~&z=709138871

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Jun 2022 14:54:48 GMT
content-type: text/plain
access-control-allow-origin: https://banyanhill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
502 B 152ms
66ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90306782-1&cid=1182154653.1655996088&jid=852358746&_u=YEBAAAAAAAAAAC~&z=1084660307

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
502 B 142ms
62ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90306782-1&cid=1182154653.1655996088&jid=852358746&_u=YEBAAAAAAAAAAC~&z=1084660307

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
11 KB 31ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: itm.itstracking.com
URL: https://itm.itstracking.com/ptrk.js?pageType=universal&partner=banyan

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DD2DA15CACB45EE8EE9B4B85FBBEEE3 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 23 Jun 2022 14:54:47 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
14 KB 81ms
27ms Script
application/javascript 178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=73806

Requested by

Host: itm.itstracking.com
URL: https://itm.itstracking.com/ptrk.js?pageType=universal&partner=banyan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

599553171f43f3437b63391b997d35b74a9fc5a8366561d48e4298be6bc5f63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 139ms
55ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-372746746

Requested by

Host: itm.itstracking.com
URL: https://itm.itstracking.com/ptrk.js?pageType=universal&partner=banyan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4f3da5a3d59bb26175dc72aa762a9cd9178600a9f5218e48027813c29d1fd3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43330
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:54:48 GMT

POST
H2 200 px-page Show response
itm.itstracking.com//api/trk/ 3 B
102 B 168ms
167ms XHR
application/json 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://itm.itstracking.com//api/trk/px-page
Requested by: Host: itm.itstracking.com
URL: https://itm.itstracking.com/ptrk.js?pageType=universal&partner=banyan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://banyanhill.com
x-cloud-trace-context: 3d538345b0742bec3ac764d8009f5056
server: Google Frontend
date: Thu, 23 Jun 2022 14:54:48 GMT
content-length: 3
vary: Origin
content-type: application/json

OPTIONS
H2 200 px-page
itm.itstracking.com//api/trk/ Frame 0
0 236ms
151ms Preflight
text/html 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://itm.itstracking.com//api/trk/px-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://banyanhill.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://banyanhill.com
allow: HEAD, OPTIONS, GET, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 23 Jun 2022 14:54:48 GMT
server: Google Frontend
vary: Origin
x-cloud-trace-context: 9a33c256092081d0dd6e0d61096c5006

GET
H2 200 138001041.js Show response
bat.bing.com/p/action/ 220 B
433 B 187ms
186ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/138001041.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a55db20c8f85fedc0ea8b6ec978c2353c8cba9184edffb0e3ae16f0a220ad692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2014DB82DF454324834DA45CE0D92952 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:48 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 301

GET
H2 200 134618217.js Show response
bat.bing.com/p/action/ 220 B
477 B 154ms
152ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134618217.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8fc0905aeae2e4f15bcf20159860b5c1059be9468708cf31f7009887643af5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5F69EA5800C14B22A707C119FE3DBF54 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:48 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 301

GET
H2 204 134618216.js Show response
bat.bing.com/p/action/ 0
118 B 233ms
232ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134618216.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 201F431113804601837AFE6BDA518245 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:48 GMT
x-cache: CONFIG_NOCACHE

GET
H2 200 134618177.js Show response
bat.bing.com/p/action/ 220 B
434 B 183ms
182ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134618177.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

70ed6134148dda36a0f06fdad9507d6b368e411a60e9222857b7d95b563243a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2CA22F452A3A423D9150F711DD9B26E6 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Thu, 23 Jun 2022 14:54:48 GMT
content-length: 301

GET
H2 204 13018902.js Show response
bat.bing.com/p/action/ 0
121 B 198ms
198ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13018902.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E730E6DD8634444C8148B99EDFB71D01 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 23 Jun 2022 14:54:48 GMT

GET
H2 204 137015898.js Show response
bat.bing.com/p/action/ 0
136 B 348ms
347ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137015898.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE1760DB3B0942CA97F18332E12CEA4D Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 23 Jun 2022 14:54:48 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 33ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=138001041&Ver=2&mid=0db31742-c5c2-4873-8a8a-5205b2522aa8&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&p=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&r=&lt=3877&evt=pageLoad&msclkid=N&sv=1&rn=601357

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FEA0D24B05D0497584D0CD6549C1715B Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 40ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=138001041&Ver=2&mid=0db31742-c5c2-4873-8a8a-5205b2522aa8&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=688711

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C6492E9E707C45E19C3326DBA0C92B54 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 125ms
122ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618217&Ver=2&mid=b3416901-183b-4662-9fb2-fbe917601ef5&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&p=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&r=&lt=3877&evt=pageLoad&msclkid=N&sv=1&rn=607029

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D877B9873FCC45B3BD21BCC1925CB2CB Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:48 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 39ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618217&Ver=2&mid=b3416901-183b-4662-9fb2-fbe917601ef5&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=495081

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE96251207C543B3B5418869B68DAC48 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 41ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618216&Ver=2&mid=f6d45e5d-533b-4347-bd64-78daf0317c81&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&p=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&r=&lt=3877&evt=pageLoad&msclkid=N&sv=1&rn=717324

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 218D6365728E4BCBAEEA6F50386E1D9F Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 39ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618216&Ver=2&mid=f6d45e5d-533b-4347-bd64-78daf0317c81&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=269336

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47A35FE20CBE4C658DF3164E98794B12 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 41ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618177&Ver=2&mid=dfbcdba3-4df4-4c98-8f27-8f5ad202c698&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&p=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&r=&lt=3877&evt=pageLoad&msclkid=N&sv=1&rn=893014

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 528DE22F194F4420BE59A3F4C04EB48B Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 40ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618177&Ver=2&mid=dfbcdba3-4df4-4c98-8f27-8f5ad202c698&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=882312

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5300C5FFE45242DBBD6C27892D181D4F Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 39ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13018902&Ver=2&mid=69c7af40-34a8-4d22-9867-456765709c9f&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&p=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&r=&lt=3877&evt=pageLoad&msclkid=N&sv=1&rn=541655

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 385A91A3EF5F4BE58C8C7A9BD7E4C8DD Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 38ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13018902&Ver=2&mid=69c7af40-34a8-4d22-9867-456765709c9f&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=251078

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF3D0C75F3734B509EC9CAFD5F62FE4D Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 108ms
107ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137015898&Ver=2&mid=c23fe05e-03a0-43bf-9474-a35b4b680573&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&p=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&r=&lt=3877&evt=pageLoad&msclkid=N&sv=1&rn=621926

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 37513438204743BCAFE29776D17F6716 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:48 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 117ms
116ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137015898&Ver=2&mid=c23fe05e-03a0-43bf-9474-a35b4b680573&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=440475

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 56013535868D48F890DA725F15AFA099 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:48Z
date: Thu, 23 Jun 2022 14:54:48 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 449A 15 KB
6 KB 54ms
20ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=banyanhill.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=73806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://banyanhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:54:48 GMT
server-processing-duration-in-ticks: 2129
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 97ms
97ms Stylesheet
text/css 52.22.221.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.221.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-221-234.compute-1.amazonaws.com
Software: /
Resource Hash: e0911f5431f4b0fefc5b5672a702daf3c67d35e374dd1c07853396adb43a0b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 23 Jun 2022 14:54:48 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 397ms
101ms Fetch
image/jpeg 52.22.221.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.221.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-221-234.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 23 Jun 2022 14:54:49 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2

200

sid Show response
mug.criteo.com/ Frame 449A
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=banyanhill.com&sn=ChromeSyncframe&so=0&topUrl=banyanhill.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=rJgTTnxiTWpqcVIwbEswRXliNnBudXlDYzBJanRkK09iR0lzOWhtL2xqK2g4NFIycXNkMWJGTVdpeG4wbGlnNzZTUXhaNnRJRTZZU1diQWIwek1mamVYOVV4YzZpOTVJMGR2bHNnbUIxZk85eDMvQTNUUm9maTdIRWxyYn...

441 B
631 B

64ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rJgTTnxiTWpqcVIwbEswRXliNnBudXlDYzBJanRkK09iR0lzOWhtL2xqK2g4NFIycXNkMWJGTVdpeG4wbGlnNzZTUXhaNnRJRTZZU1diQWIwek1mamVYOVV4YzZpOTVJMGR2bHNnbUIxZk85eDMvQTNUUm9maTdIRWxyYnlsaXcvbnY4alVKQ0ZkM2VjVFlpeGtPamNYcVJsOThUbVVjNzN4TE56RytVMi9WT0dUYWJhV1pkUjBqczd2anZIQ2kzRSszbmQyTnhMNGVocllpQ1lKMG5UVWl1WHVBTzRaT0txNlpjS0gvV2FDVkNVUkE1VFJpZ0dIVzZBSFNJclhsVHY2TTROdmZSOTd2VTN1bHBKSVRyazY3WUs2UT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f1c7f6a983002a988933c4bf53c6513fd059d39ed64ace9919ab8e404ffb2ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4401
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:48 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=rJgTTnxiTWpqcVIwbEswRXliNnBudXlDYzBJanRkK09iR0lzOWhtL2xqK2g4NFIycXNkMWJGTVdpeG4wbGlnNzZTUXhaNnRJRTZZU1diQWIwek1mamVYOVV4YzZpOTVJMGR2bHNnbUIxZk85eDMvQTNUUm9maTdIRWxyYnlsaXcvbnY4alVKQ0ZkM2VjVFlpeGtPamNYcVJsOThUbVVjNzN4TE56RytVMi9WT0dUYWJhV1pkUjBqczd2anZIQ2kzRSszbmQyTnhMNGVocllpQ1lKMG5UVWl1WHVBTzRaT0txNlpjS0gvV2FDVkNVUkE1VFJpZ0dIVzZBSFNJclhsVHY2TTROdmZSOTd2VTN1bHBKSVRyazY3WUs2UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1463
content-length: 541
expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197267367-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-372746746

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e2fcba67507c1605a95eefa0411318b0b95bff7c7d93a78f3065b742f0914a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39800
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:54:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-691150612&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-372746746

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e029fe27e9c7187d39308c6e1f4934604f1f2840f05fa2066124536f149fae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43472
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:54:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 266ms
266ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10780855742&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-372746746

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d949f95fc6dc832d97763beb0b05545ad46af676e66c10a8fa3b3377e7836d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43350
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:54:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-452500132&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-372746746

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c13ac5a307063143bfce9cd1b4127aecf18da8f21db87d566dbbf86393114b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43353
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:54:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-834194545&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-372746746

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e26a5e79934349d46039dbe84f9dced61e8eba2bf144c6af68e1985286edc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43501
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:54:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 89ms
89ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10844440371&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-372746746

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d0748d77c501a8debeb0a11bf810f547ae3d415643fb8185ac382df071734f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43351
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Jun 2022 14:54:48 GMT

GET
H2 200 134618217 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 408ms
101ms Script
application/x-javascript 2620:1ec:27::cafe:2133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/134618217
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/134618217.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2133 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 6a766878cfcdcf3b7d5b18aa8cf9ce5624799cbdb819fa6d01c32335ff64cb4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
x-powered-by: ASP.NET
x-azure-ref: 0uX60YgAAAAB3YVv/V2YhQIW5l510ojMXUFJBRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 138001041 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 374ms
100ms Script
application/x-javascript 2620:1ec:27::cafe:2133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/138001041
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/138001041.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2133 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 80b0b9557bb9454688477c20b57d791aba2b5e78984b7e2a202e1db6b01fb8f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
x-powered-by: ASP.NET
x-azure-ref: 0uX60YgAAAAAJ6qd0QxvjS6j81UzSSnciUFJBRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length: 1543
expires: -1

GET
H2 200 134618177 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 371ms
101ms Script
application/x-javascript 2620:1ec:27::cafe:2133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/134618177
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/134618177.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2133 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f04eb761db5d8721344791557f6a3d2bbe48e7eea9b78843aa2b8024a50a4df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
x-powered-by: ASP.NET
x-azure-ref: 0uX60YgAAAADKu63AeXgCQICbptBCpm8XUFJBRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
content-length: 1543
expires: -1

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=%5B73806%2C68943%2C73810%2C87745%2C73809%2C68943%2C73808%5D&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Dbanyan-unknown&p2=e%3Ddis%26a%3D%255B73806%252C6...
https://widget.us.criteo.com/event?a=%5B73806%2C68943%2C73810%2C87745%2C73809%2C68943%2C73808%5D&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Dbanyan-unknown&p2=e%3Ddis%26a%3D%255B73806%252C6...

40 KB
40 KB

360ms
158ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=%5B73806%2C68943%2C73810%2C87745%2C73809%2C68943%2C73808%5D&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Dbanyan-unknown&p2=e%3Ddis%26a%3D%255B73806%252C68943%252C73810%252C87745%252C73809%252C73808%255D&adce=1&bundle=PE7TlV9kYVRRSyUyQnJBMGIyMHpmSTI4THdkYkM2SXpOTG9FUVZoTCUyQmMlMkY0VzE0bVpBN2RYNHBFeW5haU4xJTJCVFRFN1E4Z2JMWkNRVnFjbzVXTWRSU2FPSjZ3VngwNGZVTkYyOXREZ0k4aEJZMGNCNzN3UW43Z2UlMkY1R2JIbjRrRFNlaCUyQklhY0JvMUJ3SlE0aCUyQktGMzlUMFZTaUFVZyUzRCUzRA&tld=banyanhill.com&dy=1&ful=710&fu=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%253&dtycbr=66671

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c6e60b97dfbe2c98b74c92adc034d7f655da5d6e5579b4ffb3f1812745e7c3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 52561883
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:48 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=%5B73806%2C68943%2C73810%2C87745%2C73809%2C68943%2C73808%5D&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Dbanyan-unknown&p2=e%3Ddis%26a%3D%255B73806%252C68943%252C73810%252C87745%252C73809%252C73808%255D&adce=1&bundle=PE7TlV9kYVRRSyUyQnJBMGIyMHpmSTI4THdkYkM2SXpOTG9FUVZoTCUyQmMlMkY0VzE0bVpBN2RYNHBFeW5haU4xJTJCVFRFN1E4Z2JMWkNRVnFjbzVXTWRSU2FPSjZ3VngwNGZVTkYyOXREZ0k4aEJZMGNCNzN3UW43Z2UlMkY1R2JIbjRrRFNlaCUyQklhY0JvMUJ3SlE0aCUyQktGMzlUMFZTaUFVZyUzRCUzRA&tld=banyanhill.com&dy=1&ful=710&fu=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%253&dtycbr=66671
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7658536
timing-allow-origin: *
content-length: 0
expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 82F8 0
15 B 11ms
10ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://banyanhill.com
Referer: https://banyanhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://banyanhill.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:54:49 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 remediation_1655977387219.js Show response
cdn.userway.org/widgetapp/2022-06-23/remediation/ 151 KB
37 KB 14ms
13ms Script
application/javascript 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-06-23/remediation/remediation_1655977387219.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-06-23/widget_app_base_1655977387219.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 46a5e898fd43ed2b5bcc510c4f01f3d8928a9c5fe182b68e4fa191e318c86ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:54:48 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
etag: W/"0a89bf20d3a2deafd04c49b7a2024421"
age: 319
x-77-cache: HIT
x-cache: HIT
x-age: 17712
content-encoding: br
vary: Accept-Encoding
x-77-nzt: AdRmOI1o0ZH/MEUAAA
x-accel-expires: @1681898376
last-modified: Thu, 23 Jun 2022 09:45:39 GMT
server: CDN77-Turbo
x-77-nzt-ray: qEtkbqB9IJI
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: KUmbmI08YLGJH7daWyFVqSapn-CWX1C-G14k2sHS4DbQZpD1BAw7fw==

GET
H2 200 1WcLYgWB3lMunq4F.json Show response
cdn.userway.org/remediations/consolidated/1585417/ 921 KB
115 KB 1436ms
1422ms XHR
application/json 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1585417/1WcLYgWB3lMunq4F.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-06-23/widget_app_base_1655977387219.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c3671432b4854d85d7ff77d39a91fca0eb221bb4b3ad37383d5d0e8fc5d95ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:54:49 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
etag: W/"79bf59d84a852d11f5f1f5d6f6ff0c4c"
x-amz-cf-pop: FRA6-C1
x-77-cache: MISS
x-cache: MISS
content-encoding: br
vary: Accept-Encoding, Origin
x-77-nzt: AdRmOI1m+xvB
x-accel-expires: @1687532089
last-modified: Thu, 23 Jun 2022 13:27:02 GMT
server: CDN77-Turbo
x-77-nzt-ray: cktksyQelpc
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: https://banyanhill.com
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
x-amz-cf-id: 9A0daMSKAmgcx_EeEx5VdjlLwtk-nm6o1c6qkF8Zap0X_6Bhu8_Kuw==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 7ms
6ms Image
image/svg+xml 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:54:48 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
age: 26
x-77-cache: HIT
x-cache: HIT
x-age: 178122
content-encoding: br
x-77-nzt: AdRmOI2077b/yrcCAA
x-accel-expires: @1681737966
last-modified: Sat, 28 May 2022 16:05:58 GMT
server: CDN77-Turbo
x-77-nzt-ray: ok7MiluTXYs
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: VOBBAFvxolYsAGE--PTSo52j1W383WBWLgCRDRDbIlwzwG7KuqRRjA==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 23 Jun 2022 14:54:48 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
age: 26
x-77-cache: HIT
x-cache: HIT
x-age: 178122
content-encoding: br
vary: Accept-Encoding
x-77-nzt: AdRmOI0MCJ7/yrcCAA
x-accel-expires: @1681737966
last-modified: Sat, 28 May 2022 16:05:58 GMT
server: CDN77-Turbo
x-77-nzt-ray: 3A7psPy7qIw
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 1Q2vTywU8NINcWMPhPoJl6t7HcF0YEmNAflhsOlT2VfV-7uJzs8nBQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 58ms
58ms XHR
text/plain 2a00:1450:4014:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1154655045&t=pageview&_s=1&dl=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&ul=en-us&de=UTF-8&dt=itmP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=436155377&gjid=180701543&cid=1182154653.1655996088&tid=UA-197267367-1&_gid=1634441167.1655996088&_r=1&gtm=2ou6m0&cd1=banyan&z=2139518810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://banyanhill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 48ms
48ms Script
text/javascript 2a00:1450:4014:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197267367-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2667
date: Thu, 23 Jun 2022 14:10:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Jun 2022 16:10:22 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 205ms
54ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-691150612&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Jun 2022 14:54:49 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B86A 0
15 B 10ms
10ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://banyanhill.com
Referer: https://banyanhill.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://banyanhill.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 23 Jun 2022 14:54:49 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-197267367-1&cid=1182154653.1655996088&jid=436155377&gjid=180701543&_gid=1634441167.1655996088&_u=aEDAAUABAAAAAC~&z=1138739105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Jun 2022 14:54:49 GMT
content-type: text/plain
access-control-allow-origin: https://banyanhill.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
396 B 99ms
98ms XHR
text/plain 52.22.221.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=PO9iIQcEOJgIw9KiBxmoUQ&is_js=true&landing_url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f&t=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&tip=pGcOa4CQEvpp20aY__RySvlJES4qivuJ7lue_PCjHZs&host=https://banyanhill.com&sa-user-id-v2=s%253A0-2505fd24-369d-4445-51d8-1dfc32dd4f42%2524ip%2524185.213.155.169.e5qwUQ%252BhXo%252FKDJB8PkSrfhoyfgKI%252FVT8FXni1BN1Dk4&sa-user-id=s%253A0-2505fd24-369d-4445-51d8-1dfc32dd4f42.HX0YFYtuh9XNsCtONdrKsTMUnlzbEBg6tBZgYXInf64
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.221.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-221-234.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:49 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://banyanhill.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-d/s/0.6.34/ 53 KB
23 KB 97ms
96ms Script
application/javascript 2620:1ec:27::cafe:2133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-d/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/138001041
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2133 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:48 GMT
content-encoding: br
etag: "1d8849082142e54"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0uX60YgAAAABmmV0XTHtjTKQig9XKlMIgUFJBRURHRTEzMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=367F6599480447C7BDDAA26B5C1E416F&RedC=c.clarity.ms&MXFR=18D8C124273E609909F8D0E8233E6ECA
https://c.clarity.ms/c.gif?CtsSyncId=367F6599480447C7BDDAA26B5C1E416F&MUID=0F68B7EDA0B86C111AAAA621A1D36D00

42 B
392 B

27ms
27ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=367F6599480447C7BDDAA26B5C1E416F&MUID=0F68B7EDA0B86C111AAAA621A1D36D00
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7BC2848C72749638DEB8CE303F5002B Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:49Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=367F6599480447C7BDDAA26B5C1E416F&MUID=0F68B7EDA0B86C111AAAA621A1D36D00
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/372746746/ 3 KB
1 KB 135ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372746746/?random=1655996089321&cv=9&fst=1655996089321&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c16e6b3e840de8c1cf4cfba79e90cc43df0d802881b7b37e7ce2e4deb5107e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/372746746/ 3 KB
2 KB 135ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372746746/?random=1655996089323&cv=9&fst=1655996089323&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c935e571c95c86d40e017da60b851cc3925f330ca27949aa01a6b9be31026bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/834194545/ 3 KB
1 KB 137ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834194545/?random=1655996089325&cv=9&fst=1655996089325&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1506033b1476242cd09c3df47ef849708e911696e8bb9a412ce7af7525e134a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1361
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/834194545/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834194545/?random=1655996089325&cv=9&fst=1655996089325&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600...
https://www.google.com/pagead/1p-user-list/834194545/?random=1655996089325&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&...
https://www.google.de/pagead/1p-user-list/834194545/?random=1655996089325&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u...

42 B
64 B

49ms
49ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/834194545/?random=1655996089325&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=1102327049&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/834194545/?random=1655996089325&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=1102327049&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10844440371/ 3 KB
1 KB 133ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10844440371/?random=1655996089326&cv=9&fst=1655996089326&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d13075eb462bd2f6f2720c431e1c64bff827de6a8d8213f14c45901bab67820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1362
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10844440371/ 3 KB
2 KB 129ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10844440371/?random=1655996089327&cv=9&fst=1655996089327&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d3f8317ad8d1a787de94f979e530f899e65391b4da6c1f910a3abf452fd9180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1400
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/691150612/ 3 KB
1 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/691150612/?random=1655996089328&cv=9&fst=1655996089328&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376d44808acd2b60c5760852130d50d9392c070a592bb26acad6baf6f99b6f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/691150612/ 3 KB
2 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/691150612/?random=1655996089329&cv=9&fst=1655996089329&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e44a45f0685bbf38fce14b06607671ae99953633ddb70a943f1d5e578937b004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1399
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/452500132/ 3 KB
1 KB 85ms
83ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/452500132/?random=1655996089330&cv=9&fst=1655996089330&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e47eb1c7fc4df054c934ed922847d6cffc8204bbd861ad1d0f3a6bf0a6115fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1362
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/452500132/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/452500132/?random=1655996089330&cv=9&fst=1655996089330&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600...
https://www.google.com/pagead/1p-user-list/452500132/?random=1655996089330&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&...
https://www.google.de/pagead/1p-user-list/452500132/?random=1655996089330&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u...

42 B
64 B

49ms
49ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/452500132/?random=1655996089330&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=2032487680&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/452500132/?random=1655996089330&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=2032487680&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10780855742/ 3 KB
1 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10780855742/?random=1655996089331&cv=9&fst=1655996089331&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a46b595203d5873aff28414bca99e94d26bab1b527407f4c24cea6d2c294bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/10780855742/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10780855742/?random=1655996089331&cv=9&fst=1655996089331&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=16...
https://www.google.com/pagead/1p-user-list/10780855742/?random=1655996089331&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=...
https://www.google.de/pagead/1p-user-list/10780855742/?random=1655996089331&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0...

42 B
64 B

51ms
51ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10780855742/?random=1655996089331&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=3715358465&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/10780855742/?random=1655996089331&cv=9&fst=1655992800000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&is_vtc=1&random=3715358465&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
229 B 176ms
176ms XHR
image/gif 52.36.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1655996089&e=pageload&r=&z=569027&x=3a6f2c04a99383e2e072b8fb9f58cd4f&k=89f9b187-e34f-4f13-a2b8-15f0432d4a28&u=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Requested by: Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.112.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-112-43.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Api-Key: 3a6f2c04a99383e2e072b8fb9f58cd4f

Response headers

access-control-allow-origin: https://banyanhill.com
access-control-expose-headers: etag
date: Thu, 23 Jun 2022 14:54:49 GMT
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/gif

OPTIONS
H2 200 unity.gif
api.getblueshift.com/ Frame 0
0 519ms
169ms Preflight 52.36.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1655996089&e=pageload&r=&z=569027&x=3a6f2c04a99383e2e072b8fb9f58cd4f&k=89f9b187-e34f-4f13-a2b8-15f0432d4a28&u=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-free%26utm_medium%3Demail%26vid2%3Dd800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.112.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-112-43.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://banyanhill.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: x-api-key, if-none-match, if-modified-since, content-type, x-requested-with
access-control-allow-methods: POST, DELETE, OPTIONS, HEAD, PUT, PATCH, GET
access-control-allow-origin: https://banyanhill.com
access-control-max-age: 86400
content-length: 0
date: Thu, 23 Jun 2022 14:54:49 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 145ms
66ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-197267367-1&cid=1182154653.1655996088&jid=436155377&_u=aEDAAUABAAAAAC~&z=742127818

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 139ms
64ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-197267367-1&cid=1182154653.1655996088&jid=436155377&_u=aEDAAUABAAAAAC~&z=742127818

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10844440371/ 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10844440371/?random=1655996089327&cv=9&fst=1655992800000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=3441337536&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10844440371/ 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10844440371/?random=1655996089327&cv=9&fst=1655992800000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=3441337536&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/372746746/ 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/372746746/?random=1655996089321&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=249278641&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/372746746/ 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/372746746/?random=1655996089321&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=249278641&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/372746746/ 42 B
64 B 54ms
52ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/372746746/?random=1655996089323&cv=9&fst=1655992800000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=422864702&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/372746746/ 42 B
64 B 59ms
57ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/372746746/?random=1655996089323&cv=9&fst=1655992800000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=422864702&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10844440371/ 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10844440371/?random=1655996089326&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=3005061991&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10844440371/ 42 B
64 B 56ms
55ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10844440371/?random=1655996089326&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=3005061991&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/834194545/ 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/834194545/?random=1655996089325&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=2936225323&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/834194545/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/834194545/?random=1655996089325&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=2936225323&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/691150612/ 42 B
64 B 54ms
50ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/691150612/?random=1655996089328&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=2646850618&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/691150612/ 42 B
64 B 58ms
54ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/691150612/?random=1655996089328&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=2646850618&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/691150612/ 42 B
64 B 54ms
51ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/691150612/?random=1655996089329&cv=9&fst=1655992800000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=1903773889&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/691150612/ 42 B
64 B 57ms
54ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/691150612/?random=1655996089329&cv=9&fst=1655992800000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dpageview%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dbanyan-unknown&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=1903773889&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10780855742/ 42 B
64 B 54ms
52ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10780855742/?random=1655996089331&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=245676504&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10780855742/ 42 B
64 B 53ms
51ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10780855742/?random=1655996089331&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=245676504&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/452500132/ 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/452500132/?random=1655996089330&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=893851972&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/452500132/ 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/452500132/?random=1655996089330&cv=9&fst=1655992800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbanyanhill.com%2Fwhitelist%2F%3Fbsft_aaid%3D6861be0c-8f3e-4d35-8112-646efb160bf2%26bsft_eid%3Dc198ae83-f912-f5f3-21e8-9432c60a343d%26utm_source%3Dblueshift%26bsft_clkid%3D225b3375-3246-43f9-8d8e-42dc87074db2%26bsft_uid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245%26bsft_mid%3D5ca44aa2-2ddb-45e5-8890-9efea4b0c7d5%26bsft_utid%3Dfa875640-2100-4dda-b6a5-51ce26c9a245-SOVINVES%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-06-22T19%253A55%253A20Z%26bsft_lx%3D23%26bsft_tv%3D5%26messaging_tags%3D062222-wid-free%26pk%3Db6d4e0a36747d8f577f05db5eb16e730%26utm_campaign%3D062222-wid-fre&tiba=Whitelist%20Banyan%20Hill%20-%20Banyan%20Hill%20Publishing&async=1&fmt=3&is_vtc=1&random=893851972&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
a.clarity.ms/ 0
175 B 477ms
192ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://banyanhill.com
date: Thu, 23 Jun 2022 14:54:49 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 18A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ&google_cm&google_hm=ay13clpKTm5sTWRadlhXb2t1S0JhemxXUGp5NmlndzhMU...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ&google_gid=CAESEOFEvZ-QCdIQ_Bke1jKmq34&google_cver=1&google_ula=913071,0

43 B
370 B

17ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ&google_gid=CAESEOFEvZ-QCdIQ_Bke1jKmq34&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1351451
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ&google_gid=CAESEOFEvZ-QCdIQ_Bke1jKmq34&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame 18A7
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=zGFYCulCRANSQRGIfQ6TFPAR7gyssPpZ

0
99 B

105ms
43ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=zGFYCulCRANSQRGIfQ6TFPAR7gyssPpZ
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=zGFYCulCRANSQRGIfQ6TFPAR7gyssPpZ
date: Thu, 23 Jun 2022 14:54:49 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2597
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame 18A7 0
232 B 125ms
29ms Image
text/html 3.251.15.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ&custom=&tag_format=img&tag_action=sync&custom=&cb=2f0f774f-5b05-450d-a470-c9f5b8263bde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.15.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-15-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:54:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 451 362338.gif
idsync.rlcdn.com/ Frame 18A7 0
43 B 131ms
44ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 18A7 43 B
634 B 123ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 23 Jun 2022 14:54:49 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 18A7 0
195 B 81ms
23ms Image
text/plain 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 18A7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RzXGB3lMdZvXWokuKBazlWPjy6i7zj5Ef3TE1w
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RzXGB3lMdZvXWokuKBazlWPjy6i7zj5Ef3TE1w&verify=true

0
121 B

12ms
12ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RzXGB3lMdZvXWokuKBazlWPjy6i7zj5Ef3TE1w&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-RzXGB3lMdZvXWokuKBazlWPjy6i7zj5Ef3TE1w&verify=true
date: Thu, 23 Jun 2022 14:54:49 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 18A7 0
476 B 356ms
88ms Image
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-OjuUTXlMdZvXWokuKBazlWPjy6i74dj6MN6b8Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:50 GMT
Cache-Control: no-cache
X-TraceId: 88d12908824e8ebdba496397a2fcbefe
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 18A7 0
428 B 222ms
175ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-hNOlEnlMdZvXWokuKBazlWPjy6jAgt2jvtUgFw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:50 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 23 Jun 2022 14:54:50 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 18A7 0
239 B 64ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-hNOlEnlMdZvXWokuKBazlWPjy6jAgt2jvtUgFw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 18A7
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-H8vpoXlMdZvXWokuKBazlWPjy6hpdbGJDq8ENg&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-H8vpoXlMdZvXWokuKBazlWPjy6hpdbGJDq8ENg%26seg%3D95287

43 B
1 KB

23ms
23ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-H8vpoXlMdZvXWokuKBazlWPjy6hpdbGJDq8ENg%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:54:49 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 457fb236-d54e-4340-b873-4e9a27784afc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:54:49 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cea070b8-8804-4b17-aa42-1d2ccdee87bd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-H8vpoXlMdZvXWokuKBazlWPjy6hpdbGJDq8ENg%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 18A7
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2377222092752626110

43 B
370 B

17ms
17ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2377222092752626110

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2270796
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:54:49 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 510ade12-709e-45bd-acc9-f56fa9ba1026
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2377222092752626110
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 18A7 0
226 B 66ms
15ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-aLPxOnlMdZvXWokuKBazlWPjy6hUlYctwFXvOw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H2 200 xuid
eb2.3lift.com/ Frame 18A7 37 B
141 B 32ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-8s1-3nlMdZvXWokuKBazlWPjy6hy93UoyXT3BA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 cksync.php
contextual.media.net/ Frame 18A7 45 B
787 B 324ms
56ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-seWt8XlMdZvXWokuKBazlWPjy6izS4GwI7u7qw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Thu, 23 Jun 2022 14:54:50 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 23 Jun 2022 14:54:50 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 18A7
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-X8XtH3lMdZvXWokuKBazlWPjy6jL9aXuA-mD4w
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-X8XtH3lMdZvXWokuKBazlWPjy6jL9aXuA-mD4w&C=1

43 B
783 B

14ms
13ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-X8XtH3lMdZvXWokuKBazlWPjy6jL9aXuA-mD4w&C=1
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:54:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 23 Jun 2022 14:54:49 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:54:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-X8XtH3lMdZvXWokuKBazlWPjy6jL9aXuA-mD4w&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 23 Jun 2022 14:54:49 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 18A7 0
242 B 40ms
8ms Image
text/plain 2600:9000:2156:2a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2QfzFnlMdZvXWokuKBazlWPjy6ixDyepqttJnw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SF9-JvtvGSxJvQ2lgV_8K_aGlL-HS9VNxoYyNHPHqzDlX2Q6IQtZeA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 18A7
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-2tQOhHlMdZvXWokuKBazlWPjy6jGV5OZ1G1Nzw&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-2tQOhHlMdZvXWokuKBazlWPjy6jGV5OZ1G1Nzw&expires=30&user_group=5

43 B
495 B

10ms
9ms

Image
image/gif

54.93.141.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-2tQOhHlMdZvXWokuKBazlWPjy6jGV5OZ1G1Nzw&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 54.93.141.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-141-89.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-2tQOhHlMdZvXWokuKBazlWPjy6jGV5OZ1G1Nzw&expires=30&user_group=5
Date: Thu, 23 Jun 2022 14:54:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 18A7 35 B
337 B 104ms
37ms Image
image/gif 52.30.1.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-E04aUnlMdZvXWokuKBazlWPjy6hYCV1aAAxd2A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.1.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-1-181.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:50 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 18A7 23 B
172 B 80ms
35ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-l6LQSHlMdZvXWokuKBazlWPjy6hlb7TVz-SPPg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:50 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 23 Jun 2022 14:54:50 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 18A7 0
99 B 69ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-zbxy5nlMdZvXWokuKBazlWPjy6jw3ShxirlkQg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13764

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 18A7 43 B
163 B 63ms
17ms Image
image/gif 185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-aEogTHlMdZvXWokuKBazlWPjy6hLJVtAOFgRjA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:49 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 18A7 0
35 B 36ms
7ms Image
text/plain 18.193.215.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-6aithHlMdZvXWokuKBazlWPjy6iFDwOA3o2bKg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.215.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-215-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:50 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 18A7
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Q572inlMdZvXWokuKBazlWPjy6ilF6NRHanfbA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Q572inlMdZvXWokuKBazlWPjy6ilF6NRHanfbA

43 B
447 B

31ms
31ms

Image
image/gif

52.48.92.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Q572inlMdZvXWokuKBazlWPjy6ilF6NRHanfbA
Protocol: H2
Server: 52.48.92.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-92-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Jun 2022 14:54:50 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Q572inlMdZvXWokuKBazlWPjy6ilF6NRHanfbA
date: Thu, 23 Jun 2022 14:54:50 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 18A7
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-72qLm3lMdZvXWokuKBazlWPjy6ihF-kmlWxDfA
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-72qLm3lMdZvXWokuKBazlWPjy6ihF-kmlWxDfA&_li_chk=true&previous_uuid=05bdef027a3145b681056dcba72a6719
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-72qLm3lMdZvXWokuKBazlWPjy6ihF-kmlWxDfA

43 B
419 B

349ms
114ms

Image
image/gif

2600:1f18:444a:4602:dc9:5139:b20d:8eb0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-72qLm3lMdZvXWokuKBazlWPjy6ihF-kmlWxDfA

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:dc9:5139:b20d:8eb0 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:50 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-72qLm3lMdZvXWokuKBazlWPjy6ihF-kmlWxDfA
Date: Thu, 23 Jun 2022 14:54:50 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 18A7 43 B
428 B 310ms
97ms Image
image/gif 18.235.141.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-YLubynlMdZvXWokuKBazlWPjy6iDmdjLMkCgDw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.141.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-141-125.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:50 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 18A7 43 B
183 B 338ms
108ms Image
image/gif 2600:1f18:612b:4232:40ff:2de3:a398:119a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-SVL6QHlMdZvXWokuKBazlWPjy6jBPCMeQiT9YA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:40ff:2de3:a398:119a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:50 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 18A7
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-6_wh83lMdZvXWokuKBazlWPjy6h7xHbnjXui9Q&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

92ms
14ms

Image
image/gif

2001:4de0:ac19::1:b:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 14:54:50 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1655996090.dop141.am5.t,1655996090.cds311.am5.shn,1655996090.cds311.am5.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:54:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1655996089953069-578
Expires: Thu, 23 Jun 2022 14:54:50 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 18A7
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2377222092752626110

43 B
370 B

16ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2377222092752626110

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1210242
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 23 Jun 2022 14:54:50 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2594ae8b-4989-4d75-90d3-fe45da999704
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2377222092752626110
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 18A7
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/CRkzHkFJfRnDHEUF9oNi-Xq0O9Xlw2fv/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2748625198695044870

43 B
370 B

17ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2748625198695044870

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 14:54:49 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2004915
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2748625198695044870
pragma: no-cache
date: Thu, 23 Jun 2022 14:54:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

OPTIONS
H2 200 links
api.userway.org/api/br-links/v0/ Frame 0
0 169ms
169ms Preflight 44.228.83.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.83.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-83-169.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://banyanhill.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Thu, 23 Jun 2022 14:54:50 GMT
x-service-version: apps-692c3de1

POST
H2 200 links Show response
api.userway.org/api/br-links/v0/ 232 B
572 B 307ms
307ms XHR
application/json 44.228.83.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-06-23/widget_app_base_1655977387219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.83.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-83-169.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: c237d7473186c1d44f165d8c58ee49d079086b3474e0834a5fa4338e7d277416

Request headers

Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Jun 2022 14:54:51 GMT
etag: W/"e8-/0kJIHCSE3WOww7Qp9IU9qUEsEw"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 3000
access-control-allow-headers: *
content-length: 232
x-service-version: apps-692c3de1
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type

GET
H2 204 0
bat.bing.com/action/ 0
211 B 34ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 022769F03A0F47588C9FA40CACB2ACB1 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 38ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4F619A40B6C9438C854F425F76B07818 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 39ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=138001041&Ver=2&mid=0db31742-c5c2-4873-8a8a-5205b2522aa8&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=688711

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BB809589FB72486DB7BA24443C1B2E66 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 38ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 041FFB5E3F484981BF4D59BE6FB0FEE6 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 40ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618217&Ver=2&mid=b3416901-183b-4662-9fb2-fbe917601ef5&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=495081

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8E267C6EB9F64DE1AB437036B6D80ED1 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 37ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3FB90061C6B545ACBFBB9BD3B6B9CCD9 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 38ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618216&Ver=2&mid=f6d45e5d-533b-4347-bd64-78daf0317c81&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=269336

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 29AE9A1FE20A45CAA0308A62F63EE882 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 36ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2F29D84CA7C47099AC59CE43133C841 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 38ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618177&Ver=2&mid=dfbcdba3-4df4-4c98-8f27-8f5ad202c698&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=882312

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 869A9FA528634184B6C43ECDB901CC8C Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 39ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B2F3996E3E2A4BC9A062680021A07887 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 40ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13018902&Ver=2&mid=69c7af40-34a8-4d22-9867-456765709c9f&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=251078

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1ECB42FDBE634082A95B2A8C0121C0CC Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 42ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D2932AAD4E3A475AAAE8C331C8E5B10D Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 39ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137015898&Ver=2&mid=c23fe05e-03a0-43bf-9474-a35b4b680573&sid=6d816fb0f30411ec8cbe430e53820096&vid=6d81a090f30411ecbe3373276ed4ad3a&vids=0&ec=pageview&el=banyan-unknown&ev=0&ea=pageview&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=440475

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F7418144B394AC3A132D669DE4108A2 Ref B: FRAEDGE1519 Ref C: 2022-06-23T14:54:50Z
date: Thu, 23 Jun 2022 14:54:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 91ms
90ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://banyanhill.com
date: Thu, 23 Jun 2022 14:54:50 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 2917345709861927 Show response
api.userway.org/api/remediation/moderation/by-page/1585417/ 3 KB
4 KB 169ms
169ms XHR
application/json 44.228.83.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/remediation/moderation/by-page/1585417/2917345709861927
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-06-23/widget_app_base_1655977387219.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.83.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-83-169.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://banyanhill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 14:54:51 GMT
etag: W/"d16-qwWPihnPAtk7XZWAy/N6f6+uD/Y"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 3350
x-service-version: uw-pr

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 92ms
92ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://banyanhill.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://banyanhill.com
date: Thu, 23 Jun 2022 14:54:52 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

343 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 04:43:08	Name: _li_ss Value: MgkI_____wcQzBI
banyanhill.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ik3g0l8ruimrt9c1u68p9cbgb5
banyanhill.com/	1970-01-20 12:45:32	Name: _bs Value: 89f9b187-e34f-4f13-a2b8-15f0432d4a28
banyanhill.com/	1970-01-20 12:45:32	Name: vid2 Value: d800c8c298e60c00b3a523383cdb5d0482d02dcbeAB12ABCDEFGHIJKLMNOPQ928a5d0da5f4f002f757978c8e4f0af03f
.banyanhill.com/	1970-02-26 08:47:56	Name: BE_CLA3 Value: p_id%3DAL2L2A4JJNN4RN8APP4NAP64RAAAAAAAAH%26bf%3D477264b3b4ce0eb1ec7ca1dd4f14783b%26bn%3D1%26bv%3D3.44%26s_expire%3D1656082487870%26s_id%3DAL2L2A4JJNN4R4JLPRNNAP64RAAAAAAAAH
.banyanhill.com/	1970-01-20 06:09:32	Name: _fbp Value: fb.1.1655996087906.183101206
.banyanhill.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.banyanhill.com/	1970-01-20 12:45:32	Name: _ce.s Value: v~32da9220820abf928bbdf0322c5e424007a16256~vpv~0
.banyanhill.com/	1970-01-20 06:09:32	Name: _gcl_au Value: 1.1.1347526416.1655996088
.banyanhill.com/	1969-12-31 23:59:59	Name: cebsp Value: 1
.bing.com/	1970-01-20 13:21:32	Name: MUID Value: 0F68B7EDA0B86C111AAAA621A1D36D00
.banyanhill.com/	1970-01-20 21:31:08	Name: _ga Value: GA1.2.1182154653.1655996088
.banyanhill.com/	1970-01-20 04:01:22	Name: _gid Value: GA1.2.1634441167.1655996088
.banyanhill.com/	1970-01-20 03:59:56	Name: _gat_UA-90306782-1 Value: 1
itm.itstracking.com/	1970-01-20 21:31:08	Name: _trk_cross Value: 754d45dc-45ad-41d1-9a0d-0e6e7f6f71c0
.banyanhill.com/	1970-01-20 04:01:22	Name: _uetsid Value: 6d816fb0f30411ec8cbe430e53820096
.banyanhill.com/	1970-01-20 13:21:32	Name: _uetvid Value: 6d81a090f30411ecbe3373276ed4ad3a
tags.srv.stackadapt.com/	1970-01-20 12:45:32	Name: sa-user-id Value: s%3A0-2505fd24-369d-4445-51d8-1dfc32dd4f42.HX0YFYtuh9XNsCtONdrKsTMUnlzbEBg6tBZgYXInf64
.srv.stackadapt.com/	1970-01-20 12:45:32	Name: sa-user-id-v2 Value: s%3AJQX9JDadREVR2B38Mt1PQrnVm6k.lkcuekXC04uPVe8lkz7tJGhkAclUxiO0SPAFSt1jxuw
banyanhill.com/	1970-01-20 12:45:32	Name: sa-user-id Value: s%253A0-2505fd24-369d-4445-51d8-1dfc32dd4f42.HX0YFYtuh9XNsCtONdrKsTMUnlzbEBg6tBZgYXInf64
banyanhill.com/	1970-01-20 12:45:32	Name: sa-user-id-v2 Value: s%253A0-2505fd24-369d-4445-51d8-1dfc32dd4f42%2524ip%2524185.213.155.169.e5qwUQ%252BhXo%252FKDJB8PkSrfhoyfgKI%252FVT8FXni1BN1Dk4
banyanhill.com/	1970-01-20 03:59:56	Name: outbrain_cid_fetch Value: true
.criteo.com/	1970-01-20 13:21:32	Name: uid Value: c43d5387-2490-44f2-a781-a9908e9a70ec
.banyanhill.com/	1970-01-20 13:29:20	Name: cto_bundle Value: PE7TlV9kYVRRSyUyQnJBMGIyMHpmSTI4THdkYkM2SXpOTG9FUVZoTCUyQmMlMkY0VzE0bVpBN2RYNHBFeW5haU4xJTJCVFRFN1E4Z2JMWkNRVnFjbzVXTWRSU2FPSjZ3VngwNGZVTkYyOXREZ0k4aEJZMGNCNzN3UW43Z2UlMkY1R2JIbjRrRFNlaCUyQklhY0JvMUJ3SlE0aCUyQktGMzlUMFZTaUFVZyUzRCUzRA
.banyanhill.com/	1970-01-20 03:59:56	Name: _gat_gtag_UA_197267367_1 Value: 1
www.clarity.ms/	1970-01-20 12:45:32	Name: CLID Value: 0160ef6b11a94e4f93e4bbcd77eda76c.20220623.20230623
.banyanhill.com/	1970-01-20 12:45:32	Name: _clck Value: 10iymym\|1\|f2k\|0
.c.bing.com/	1970-01-20 13:21:32	Name: SRM_B Value: 0F68B7EDA0B86C111AAAA621A1D36D00
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:21:32	Name: MUID Value: 0F68B7EDA0B86C111AAAA621A1D36D00
.c.clarity.ms/	1970-01-20 03:59:56	Name: ANONCHK Value: 0
.adnxs.com/	1970-01-20 06:09:32	Name: uuid2 Value: 2377222092752626110
.analytics.yahoo.com/	1970-01-20 12:45:32	Name: IDSYNC Value: 18zh~25me
.yahoo.com/	1970-01-20 12:45:53	Name: A3 Value: d=AQABBLl-tGICEPb_Gicnm5H7Qxt8nyZX068FEgEBAQHQtWK-YgAAAAAA_eMAAA&S=AQAAAtNxvATuoF4MnexovikxWx0
.doubleclick.net/	1970-01-20 13:21:32	Name: IDE Value: AHWqTUkARxvy6viyzNQm6X8pvORYQEGqhZEoVwGvz1O4qmnbgg_w2dN41mQp2Gg23Yw
.bidswitch.net/	1970-01-20 12:45:32	Name: tuuid Value: 9be464cb-d37e-4334-8f7a-25aec0a416fe
.bidswitch.net/	1970-01-20 12:45:32	Name: c Value: 1655996089
.bidswitch.net/	1970-01-20 12:45:32	Name: tuuid_lu Value: 1655996089
.casalemedia.com/	1970-01-20 12:45:32	Name: CMID Value: YrR.uY7dIWOkAwQfnXsNqAAA
.casalemedia.com/	1970-01-20 06:09:32	Name: CMPS Value: 3274
.casalemedia.com/	1970-01-20 06:09:32	Name: CMPRO Value: 3274
.banyanhill.com/	1970-01-20 04:01:22	Name: _clsk Value: 1u9vp1g\|1655996090024\|1\|1\|a.clarity.ms/collect
.addthis.com/	1970-01-20 13:21:32	Name: ouid Value: 62b47eb90001ef444461e162e021444f4fb2b4f4b0dae13de4a2
.addthis.com/	1970-01-20 13:21:32	Name: uid Value: 62b47eb9c342526a
.addthis.com/	1970-01-20 13:21:32	Name: na_id Value: 2022062314544994000415358485
.revcontent.com/	1970-02-07 09:59:56	Name: __ID Value: 364c4c3e7d754eefb466be35fb198c28
.revcontent.com/	1970-01-20 04:43:08	Name: v1_151 Value: 1
.adnxs.com/	1970-01-20 06:09:32	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2In:kEgAG!]tbO8bhzs#DIgl#Xsfb[@pel
.360yield.com/	1970-01-20 06:09:32	Name: tuuid Value: 0c38996d-0edf-4227-872f-c9a55eae5b3c
.360yield.com/	1970-01-20 06:09:32	Name: tuuid_lu Value: 1655996090
.turn.com/	1970-01-20 08:19:08	Name: uid Value: 2748625198695044870
ads.stickyadstv.com/	1970-01-20 04:43:08	Name: UID Value: e220369fc26f3fb61398979d9c6bb29a
ads.stickyadstv.com/	1970-01-20 04:43:08	Name: uid-bp-11554 Value: k-6_wh83lMdZvXWokuKBazlWPjy6h7xHbnjXui9Q
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: fb5631d69a1dc0156f384f15caedc0c2
.360yield.com/	1970-01-20 06:09:32	Name: um Value: !38,CaguHajOCnHDaYJEM5GNwUUjyczXs-xmGghX0-jLqIc26LKWkwjpa.VGWe2qruF7OzV79hY0,1663772090
.360yield.com/	1970-01-20 06:09:32	Name: umeh Value: !38,0,1718204090,-1
.outbrain.com/	1970-01-20 06:09:32	Name: obuid Value: eddd3f85-e425-40dc-bfc9-c1013e60730a
.outbrain.com/	1970-01-20 04:20:05	Name: criteo Value: k-OjuUTXlMdZvXWokuKBazlWPjy6i74dj6MN6b8Q
.media.net/	1970-01-20 12:45:32	Name: visitor-id Value: 2989976908397737000V10
.media.net/	1970-01-20 04:43:08	Name: data-c-ts Value: 1655996090
.media.net/	1970-01-20 04:43:08	Name: data-c Value: k-seWt8XlMdZvXWokuKBazlWPjy6izS4GwI7u7qw~~3
.postrelease.com/	1970-01-20 12:45:32	Name: opt_out Value: 1
.liadm.com/	1970-01-20 21:31:08	Name: lidid Value: 05bdef02-7a31-45b6-8105-6dcba72a6719

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://banyanhill.com/wp-content/themes/Extra/core/admin/fonts/modules.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://e-10203.adzerk.net/ados?t=1655996087827&request=%7B%22Placements%22%3A%5B%7B%22A%22%3A10203%2C%22S%22%3A1087804%2C%22D%22%3A%22azk636362%22%2C%22AT%22%3A5%2C%22Z%22%3A%5B207087%5D%7D%2C%7B%22A%22%3A10203%2C%22S%22%3A1087804%2C%22D%22%3A%22azk580314%22%2C%22AT%22%3A5%2C%22Z%22%3A%5B207088%5D%7D%5D%2C%22Keywords%22%3A%22finance%22%2C%22Referrer%22%3A%22%22%2C%22IsAsync%22%3Atrue%7D Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://dynamic.criteo.com/js/ld/ld.js?a=73806(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=zGFYCulCRANSQRGIfQ6TFPAR7gyssPpZ Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-wrZJNnlMdZvXWokuKBazlWPjy6igw8LSbJ9fjQ Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
a1.b0e8.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
ajax.googleapis.com
amplify.outbrain.com
api.getblueshift.com
api.userway.org
assets-tracking.crazyegg.com
banyanhill.com
bat.bing.com
c.bing.com
c.clarity.ms
carl.pubsvs.com
cdn.b0e8.com
cdn.banyanhill.com
cdn.getblueshift.com
cdn.onesignal.com
cdn.stickyadstv.com
cdn.userway.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
dis.criteo.com
dynamic.criteo.com
e-10203.adzerk.net
eb2.3lift.com
events-c.mb.banyanhill.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
itm.itstracking.com
jadserve.postrelease.com
marvel-b2-cdn.bc0a.com
match.sharethrough.com
mug.criteo.com
myalphaspace1.com
onesignal.com
pagestates-tracking.crazyegg.com
partner.mediawallahscript.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s3.amazonaws.com
script.crazyegg.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.adzerk.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
tags.srv.stackadapt.com
tr.outbrain.com
tracking.crazyegg.com
trends.revcontent.com
ups.analytics.yahoo.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.111.242.245
104.45.184.134
104.75.88.126
13.248.245.213
141.226.228.48
142.250.185.162
142.250.185.98
143.204.89.72
143.204.89.75
143.204.89.96
143.204.89.99
178.250.0.157
178.250.2.140
178.250.2.151
18.156.0.31
18.193.215.198
18.235.141.125
185.33.221.11
185.33.221.15
185.64.189.110
185.86.139.89
2.18.234.233
2.18.235.93
20.234.93.27
2001:4de0:ac19::1:b:3b
2001:678:cb4:bbbb::13
212.82.100.181
23.35.228.247
23.35.229.86
2600:1f18:444a:4602:dc9:5139:b20d:8eb0
2600:1f18:612b:4232:40ff:2de3:a398:119a
2600:9000:2156:2a00:1b:5138:8a40:93a1
2600:9000:2156:6800:13:4c2:d400:93a1
2600:9000:2156:e600:7:abf4:f200:93a1
2606:4700::6810:d03f
2606:4700::6811:180e
2606:4700::6812:e234
2606:4700::6813:9308
2620:1ec:27::cafe:2133
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::200a
2a00:1450:4001:829::2013
2a00:1450:4001:82a::2008
2a00:1450:400c:c08::9c
2a00:1450:4014:80f::200e
2a02:2638::1c
2a02:6ea0:c700::20
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.251.15.4
34.111.78.58
35.190.5.192
35.201.125.192
35.209.5.166
35.244.174.68
44.228.83.169
52.217.169.184
52.22.221.234
52.30.1.181
52.36.112.43
52.48.114.92
52.48.92.112
54.161.143.126
54.243.52.94
54.84.45.101
54.93.141.89
69.173.144.165
70.42.32.191
74.119.119.150
0066d11c6a3921da274c40040b4c36c21c688c7d1eaad3d7d8ac202152ff610f
0238e48ef02a285ad456f6ccd089b882d57687e526a8e43c236cdd5d12cba218
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06d4463517b7fc10f33fc3416cbfa376c2903b53e934b1647d17e5649b7cea89
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
09be14bab0923658036490b3c8d2d52aa6a269e5743c3f904bf56c4ffdaaff45
0bb21a0a8ea437744dd848ce70ce9610c9b291057c98aef6088d63c7492a7998
0d5ebed721a81284859b160b8f57ea9e3a595d194d4738125e578b69c6278e8d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12878c5e14643c4260523cb8988dad5dde802ebfe236020b49a5ed17ab0e5068
135092bde5a99852e036d26f5168c66bdf73da98b116f3d986ac1947e16a8db6
1506033b1476242cd09c3df47ef849708e911696e8bb9a412ce7af7525e134a1
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a9df0e30704e3f22c22bcf30a3c554a48aa9e660ced08626bfafae1c6525e3a
1b70442a2fac7e63b6019ea409f5eeceb4f2dc2ade831d7350d72316b8c6ee1e
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e029fe27e9c7187d39308c6e1f4934604f1f2840f05fa2066124536f149fae8
1e26a5e79934349d46039dbe84f9dced61e8eba2bf144c6af68e1985286edc26
1eab194c0cbe03aae9e0c073dc85f20e7e436e4ff91230434876003f4d46de8a
21c7b4a55ddcf0f40806dbec924729bd87dca55501380f6e6069b9f6e3492437
220af1ef78cf772eb36f09513fc5b8538b8edaff7ba01b5e93170b51966889f4
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
258f27d32db80bfede9c06920719778d140049f12bf05d48f2219bf062d9395d
25fb121e6d7277315aef6000e9c8a13cacbfba555f7e9d873431649506008fd7
260b040e4641ec0f01c0f4eb2c3e2f4ef2ebacf67ca691b1c0394c861a3f23f0
294c559aebb5b441f08be557454e2e38c0574477f87ed59f49c8dac563248f39
2abc07f83e0a9c350b5580983d7eb8249eb5848c40e4762770297b9e67eba974
2b099eb5e34bb26a13dddcf61053924e0e2d41e8374205a0a672f1acf2cab9d3
3037d25b7bbd2467573f98840f8d7d50dfc0c9356a4a6535d5723b947aef7200
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
33940e90ec82d9a5315515fa9a7da1a22ba056cb32437697657ab9028823b4c4
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34ea8a6e2ce6780fc080d92d2b3be6798d83b8b3d928d77ed3e012d616dd1eed
376d44808acd2b60c5760852130d50d9392c070a592bb26acad6baf6f99b6f3f
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
3c3c65f927da48a919f53c62fbfb1c76bef32c8766923e8a02b618d7f793c42c
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e2fcba67507c1605a95eefa0411318b0b95bff7c7d93a78f3065b742f0914a0
404fc18fe6086e2b4ab9cf9eddf81daaceb490ebbb504b516092a7eb156e929f
41b6218b59ed4f01d3403b79b56c49fe39490b901a5964b23c3bd0f67ba51dc7
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43b5c9ad80f0a5d1c63568583e9cf6cd5ca8454a680f4ee80d5d63d00b15a360
46a5e898fd43ed2b5bcc510c4f01f3d8928a9c5fe182b68e4fa191e318c86ec2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b99df6dac71d67c7c6b938fdce2eaa97a18ca39227fb2e7b6064594c74dcb45
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea2d65eb065c494cac66480b3424e8ed83df7ce9f351ce7904f587c86892e9b
4ec973587aa2b7b78acc246c9165c7d5333e8522b4ab5f91027142ab45ab5d84
51bce81cb8ad6140d00ce7215a53b80b836af8b868cd102d608e906511311ded
53623528b30237d8b602c4b67204b09e64cba6e3f8e7c6fb99e416eceb2a3bb1
54018d930bba2f850585a4f0b5f1d0a3bb4ada0a9bc364bfdc21ed9928a254f3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559efbda0a936bc1b3c215ba9836b70f5e90c312970f7464b759171709d50e82
5741cfcbdeec21a37cdc6efb5dfca04034460249521b4baab5e7d7defb84921c
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e
586376cc62d24636c538661fb625d9cd9b2d1830465b66569cb94bca3bb0f033
599553171f43f3437b63391b997d35b74a9fc5a8366561d48e4298be6bc5f63d
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5eee1e6789bc63dfe2a55ee34e1f8f32a67cfef24f812c2fc2e8a7ca9d0b0cb9
615206bf20b3dc6168e43f67b57932bbca907e11373fa38721fcb2587e70a2fc
64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd
686ff132c0ecb9659a3ac8d2497766122408aae07fe9142d25210c6496dff380
6a766878cfcdcf3b7d5b18aa8cf9ce5624799cbdb819fa6d01c32335ff64cb4d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d0748d77c501a8debeb0a11bf810f547ae3d415643fb8185ac382df071734f1
70ed6134148dda36a0f06fdad9507d6b368e411a60e9222857b7d95b563243a6
72b8bd5c6108d511b2f00a499a7be928c26dfe9fb01a618b2f26cf5a43167a02
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
798a8d0609f5d0b0110df6d749abe4e441ab95d41f012bc84faa671b0ba24bcd
7a65217f8529b5f38488d52e9c6941e9dc1488dac71f52dfec48875f13fdb256
7d13075eb462bd2f6f2720c431e1c64bff827de6a8d8213f14c45901bab67820
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e843ffb619170cd2c6f28a5b348fc6fa67624c851aafde82d42fa0e45fef277
7f93e263ad4bc92786a6317255283eff2be7a4e9ed0d812751d1fdd6ecfd8fe0
80b0b9557bb9454688477c20b57d791aba2b5e78984b7e2a202e1db6b01fb8f2
80fa756dda143f69fb3ce750e905cc8188150dc4c6b7539bf3627fe26530b405
821b95ee2680967cd414f8595b8b56e6c75ec0d5518b736e64aca1519ee7d2f3
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83d538cedbe77753779e1a11038fc1f2a6111a765850e7bbe691631aaf306bfc
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a46b595203d5873aff28414bca99e94d26bab1b527407f4c24cea6d2c294bca
8aa696a6d76ad2c1efefe9ae88e1f83075174b3e34e1a85b803506c3be5e6a1f
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
8c8f0144e6fe8ddf98243a817fa221654be496cb497984073ac1ba8eaf418156
8c935e571c95c86d40e017da60b851cc3925f330ca27949aa01a6b9be31026bd
8d3f8317ad8d1a787de94f979e530f899e65391b4da6c1f910a3abf452fd9180
8d949f95fc6dc832d97763beb0b05545ad46af676e66c10a8fa3b3377e7836d4
8fc0905aeae2e4f15bcf20159860b5c1059be9468708cf31f7009887643af5ac
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd
937a994fdaf1bc396f4b2f63848c10d9cb4f33b4698bb736c8d9894ebd021d2e
93cc9435e27506670af0bbe13216970ce2a78cff112642ff2f63b0484846d13a
960d1f95f71be9bc4c13e06c200762c60cdc944d3289687f9d9faa6cf7b17506
965fc05b277596a937ba9d14388799fd5217eb96179f0187b8b937347bdfaf59
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98c0f7683a7479e876135389dc8d1f9e88b45f26ba37741d532d436ddff24529
98e053eb3e96686cf8a78b8f96b8d014bd37cee20fe44116b7dcef914588d460
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b
a058c1724cf945f5c5d02681ceb956fd254e1f331b9f6aa57080832003ae114f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4ed6192a5661e60f1dd77d79b4024b6315008210b15b6162835108e008c8866
a4f3da5a3d59bb26175dc72aa762a9cd9178600a9f5218e48027813c29d1fd3b
a55db20c8f85fedc0ea8b6ec978c2353c8cba9184edffb0e3ae16f0a220ad692
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a78520f25323627228481f48b701379bbac20fdacd0529cf092837c1a3593153
a8d49d420df5bb39ab20c587880f1c392b7468a5ea3c352b191ec840d1f3d967
ab472e13e5fd8a0a0e16fa54f9ee5719a31a4846cbe23b14cc389820086a3ee9
ace40f0ad368698620529f2d904ed5b63eb37b0aa24d9d667a4f4e1b8aa20605
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
ad99539f9551faf9e9393a9ebed9a009b02ac9c21f4573616f12f88a9e95678a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b154f7789dbc5a452454d67af01eeb33aab6c0e632c2b5d1937f4a67b50f8019
b5b80768b092f3ee9c56f9f20965b4d88bdcfca464a2a5feefababcfc3dd9d87
b952b7cf4dd78b5a73326ac7eaf18b9e9ffd06cadff2a54fbe5eaba7c8a42d30
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc45bd939ed7914eb25aea41962666969baedd398485f1dbd76699d220f01153
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf4f226d19d20d9f3e5a9c3d4939a748f95ab117f98578d73c5e878142107643
c05e33e6c4251ad52eb977a7c942acd52fca8c4bb96d109d3314160e447a0e27
c0867466ac1be23f9c1beabcf59c23a323c3a408bdbeafb4d8b2e72f9d00fe09
c13ac5a307063143bfce9cd1b4127aecf18da8f21db87d566dbbf86393114b6b
c152a2f93ff6ae50acd78fe23dc225561c3247bda5ccb5ad5d89dbe542ef4b93
c16e6b3e840de8c1cf4cfba79e90cc43df0d802881b7b37e7ce2e4deb5107e35
c237d7473186c1d44f165d8c58ee49d079086b3474e0834a5fa4338e7d277416
c3671432b4854d85d7ff77d39a91fca0eb221bb4b3ad37383d5d0e8fc5d95ea6
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c6e60b97dfbe2c98b74c92adc034d7f655da5d6e5579b4ffb3f1812745e7c3a4
c7ae6de54a900606ad8a14cc721384d9038f1f2f0442051969f3fb35b0070911
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc6010e2b0cc06e863e13d87d8a1fc58b6ced36a8e7d4d46dc2d4b8961f991f6
ccc64eb4a91b2bda28f92aef8697d6f0a94cda4756272b2b94b2f3ce58a4bbb2
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf8c10a6ce0c7bb56f5026c2c79aa23e98eeafb5e9fcb1835a1339ef9ff5ae4f
d1a444460ccad758f324c1ea3c1e26776c18607fdef7a3af6495eb9832a4a759
d45d464223e8979c4ef8a378e026fad3a4bcff556fab4a1d611a24347b833674
d6e9d347fc3440a53bae1ed1cf15aa76595b223cc069fa8baecd9d43bb4b6e64
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e03af8182fa6236495864237a24c1e3b2096839cd9d1d28121899afa8015dc1f
e0911f5431f4b0fefc5b5672a702daf3c67d35e374dd1c07853396adb43a0b19
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44a45f0685bbf38fce14b06607671ae99953633ddb70a943f1d5e578937b004
e47eb1c7fc4df054c934ed922847d6cffc8204bbd861ad1d0f3a6bf0a6115fd3
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e7ba80a221ccb4edd79e4fa774949a6683ce88b8ff45f71466aa44b12c0d3a9c
e803cef0ceb0a4fb09354dc0a97dbee2ef087d7b4e92e75ab6544914573ba4c6
e9280e8767512295a83dfc018d27bdec6ea438b8dd94c589ee205fc0e7d203bd
e9acdc33e6feb5a5b9f86850c64e7998ed7f7afbf90e49debc61c038ab0ce070
eb4e47c6d3e16768233b559d2b81f13103b6554026ce53f5c9bfb62f42e5ba13
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f04eb761db5d8721344791557f6a3d2bbe48e7eea9b78843aa2b8024a50a4df1
f1c7f6a983002a988933c4bf53c6513fd059d39ed64ace9919ab8e404ffb2ccd
f3c92790452e080beaea7b6f83a227fb99a917bf688c14e24fd14a4e10b81ff9
f3c9655e73c3cad1f691b686125ec69fb8a29e0b603b688426d0f8dc37ff2cb5
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
faf92f241d22c776418da17d96c9f418a932b323bbfd9a472081f6ae19bfe352
fe11bb0de6fe95c950bf8de1dd00bc589824bcf775f7c8afcc4ab3f6c245302a

banyanhill.com Open in urlscan Pro 2600:9000:2156:6800:13:4c2:d400:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

269 Requests

93 %HTTPS

37 %IPv6

51 Domains

79 Subdomains

70 IPs

7 Countries

2199 kBTransfer

6794 kBSize

63 Cookies

11 Outgoing links

Page URL History

Redirected requests

269 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

banyanhill.com Open in urlscan Pro
2600:9000:2156:6800:13:4c2:d400:93a1 Public Scan

Screenshot
Live screenshot

Full Image

269
Requests

93 %
HTTPS

37 %
IPv6

51
Domains

79
Subdomains

70
IPs

7
Countries

2199 kB
Transfer

6794 kB
Size

63
Cookies

269 HTTP transactions
1 data transactions