rolanda.c21resultsteam.com Open in urlscan Pro
34.217.182.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rolanda.c21resultsteam.com/
Submission: On February 07 via automatic, source certstream-suspicious (February 7th 2023, 1:15:46 pm UTC) — Scanned from DE

Summary HTTP 85 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 85 HTTP transactions. The main IP is 34.217.182.168, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is rolanda.c21resultsteam.com.
TLS certificate: Issued by R3 on February 5th 2023. Valid for: 3 months.

This is the only time rolanda.c21resultsteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	34.217.182.168 34.217.182.168	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:929	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2600:9000:230... 2600:9000:2304:8200:c:7a7f:d040:21	16509 (AMAZON-02) (AMAZON-02)
3	54.231.234.145 54.231.234.145	16509 (AMAZON-02) (AMAZON-02)
3	13.224.189.42 13.224.189.42	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
5	34.196.127.143 34.196.127.143	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	13.224.189.4 13.224.189.4	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
2	35.186.241.51 35.186.241.51	() ()
85	21

6 34.217.182.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-182-168.us-west-2.compute.amazonaws.com

rolanda.c21resultsteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:929 (United States)

ASN13335 (CLOUDFLARENET, US)

js.convertflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.convertflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:2304:8200:c:7a7f:d040:21 (United States)

ASN16509 (AMAZON-02, US)

d2hnwe88wt837l.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.234.145 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

yl-clients-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-42.fra2.r.cloudfront.net

perfalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.196.127.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-127-143.compute-1.amazonaws.com

widgetbe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.224.189.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-4.fra2.r.cloudfront.net

api.perfalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.241.51 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cloudfront.net d2hnwe88wt837l.cloudfront.net	553 KB
15	perfalytics.com perfalytics.com — Cisco Umbrella Rank: 36175 api.perfalytics.com — Cisco Umbrella Rank: 38632	141 KB
7	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 361 ajax.googleapis.com — Cisco Umbrella Rank: 295	264 KB
6	c21resultsteam.com rolanda.c21resultsteam.com	510 KB
5	widgetbe.com widgetbe.com — Cisco Umbrella Rank: 120391	273 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	20 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 351	12 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	234 B
3	google.de www.google.de — Cisco Umbrella Rank: 5986	625 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	625 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	226 KB
3	amazonaws.com yl-clients-prod.s3.amazonaws.com — Cisco Umbrella Rank: 394543	38 KB
3	convertflow.co js.convertflow.co — Cisco Umbrella Rank: 43290 app.convertflow.co — Cisco Umbrella Rank: 49987	83 KB
2	mixpanel.com api-js.mixpanel.com	474 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	136 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 2931	18 KB
85	17

	Domain	Requested by
17	d2hnwe88wt837l.cloudfront.net	rolanda.c21resultsteam.com
12	api.perfalytics.com	perfalytics.com
6	maps.googleapis.com	rolanda.c21resultsteam.com maps.googleapis.com
6	rolanda.c21resultsteam.com	rolanda.c21resultsteam.com d2hnwe88wt837l.cloudfront.net
5	widgetbe.com	rolanda.c21resultsteam.com widgetbe.com
4	bat.bing.com	www.googletagmanager.com bat.bing.com rolanda.c21resultsteam.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rolanda.c21resultsteam.com
3	www.facebook.com	rolanda.c21resultsteam.com
3	www.google.de	rolanda.c21resultsteam.com
3	www.google.com	rolanda.c21resultsteam.com
3	www.googletagmanager.com	rolanda.c21resultsteam.com www.googletagmanager.com perfalytics.com
3	perfalytics.com	rolanda.c21resultsteam.com perfalytics.com
3	yl-clients-prod.s3.amazonaws.com	rolanda.c21resultsteam.com
2	api-js.mixpanel.com	cdn.mxpnl.com
2	app.convertflow.co	ajax.googleapis.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	d2hnwe88wt837l.cloudfront.net connect.facebook.net
1	cdn.mxpnl.com	perfalytics.com
1	ajax.googleapis.com	js.convertflow.co
1	region1.google-analytics.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.convertflow.co	rolanda.c21resultsteam.com
85	22

This site contains no links.

Subject Issuer	Validity	Valid
rolanda.c21resultsteam.com R3	`2023-02-05` - `2023-05-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
perfalytics.com Amazon	`2022-09-11` - `2023-10-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
widgetbe.com Amazon RSA 2048 M01	`2022-11-04` - `2023-12-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-16` - `2023-02-14`	3 months	crt.sh
*.perfalytics.com Amazon	`2022-09-11` - `2023-10-10`	a year	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.mixpanel.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-28` - `2023-04-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://rolanda.c21resultsteam.com/
Frame ID: 28C5C7EE1BB333954DDE01F77D1A99D2
Requests: 77 HTTP requests in this frame

Frame: https://widgetbe.com/widget
Frame ID: BEC4D2993D2FC42FFB3FDB3B80776D81
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Search

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

100 %
HTTPS

71 %
IPv6

17
Domains

22
Subdomains

21
IPs

4
Countries

2278 kB
Transfer

5783 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
rolanda.c21resultsteam.com/ 485 KB
58 KB 634ms
268ms Document
text/html 34.217.182.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rolanda.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.217.182.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-217-182-168.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: be7ef9c332c2ca95a979ff1bf4699e69e2611c3c866b3b9d6021cc03c1322781

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 13:15:38 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 28791.js Show response
js.convertflow.co/production/websites/ 455 KB
81 KB 418ms
387ms Script
text/javascript 2606:4700:20::681a:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.convertflow.co/production/websites/28791.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f2e83774756cfe7a9403cdb4dda01679b046b655933587b70e5bd93ffcfc398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:38 GMT
x-amz-version-id: D5YOFUY8aRiLpFaBGX3It9xYInlDmUfy
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y6WZHV464ZCPJ0KA
cf-polished: origSize=662162
x-amz-id-2: kVt3qUXat+xZVSpSqC/uIZSJNKMlqtd1YQTT02dJnDppEC12cLj4uqwAZIvcWITXawqSjR+g9is=
cf-bgj: minify
last-modified: Thu, 02 Feb 2023 17:45:00 GMT
server: cloudflare
etag: W/"89b4ae339ad0daa01a08fc546c581e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pI5Unbee1g6Vx3bhBAXvdUdXQgVnocSGKeG8Mr4ZcoZvDA%2BlgdnqEQiYfmglBot%2F%2FJf9trPLt9F%2FncDfUa9UH2WkKevh206vAI9DDquhdZrEVwvffSbD4nEN%2BGQ0oZDBz5aflSwDs1MvNhvlR1V"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=30
cf-ray: 795c653e19f12c4f-FRA

GET
H2 200 060fd4c20854f0aa41b0.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 966 KB
297 KB 74ms
20ms Script
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/060fd4c20854f0aa41b0.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5332792a6b4dc41f74a5c81e8866c9570762fc150571e4d7b787379f7d3a7c41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 18:18:57 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 18:15:45 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 586602
etag: W/"d1408dd01f3526329c2656f65e9f5b7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: wrHdFvHdlUR7pDPk6L7kHzLHbvbsD-xVHD3taUZM978gVbFiyoCVkw==

GET
H2 200 08ef948fde721fc00478.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 443 KB
112 KB 74ms
20ms Script
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/08ef948fde721fc00478.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fedecd22aac7afd4962cdbf8b73e5494c690f506310c4124c649a120b719774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 20:10:40 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 20:07:48 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 407099
etag: W/"2c61aa5a1c0a60943c76b72f2df4ab3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: 8dEwLuIySTJPr4vrgsChGyn2DO3ZfSPIQo6D65YkEU3WaR7Tdlrn1Q==

GET
H2 200 3c4b90fb06f406220eed.js Show response
d2hnwe88wt837l.cloudfront.net/build/js/ 3 KB
2 KB 74ms
21ms Script
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/3c4b90fb06f406220eed.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dea127d1a184ded7c443a0d60944a944904e7b6490c2b2f06420c2801704634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 18:18:58 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 18:15:45 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 586601
etag: W/"f952d6e678661b8a2fc7b355fb837588"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: xTMCwmDhGe1A5zDBsvaYmOA98Gi42FSSSkRk--24v1gf6o8Fgw6_uw==

GET
H/1.1 200
OK 4310fd21-9933-49f8-8ad8-654293f98943Terry%20Swanson%20Header.png
yl-clients-prod.s3.amazonaws.com/ 26 KB
26 KB 327ms
115ms Image
application/octet-stream 54.231.234.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/4310fd21-9933-49f8-8ad8-654293f98943Terry%20Swanson%20Header.png
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.234.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2839dacab949e77b39bf40b76aa1cc7370f437996faed2a2734b7d7e7028a1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 13:15:39 GMT
Last-Modified: Wed, 01 Jun 2022 02:11:17 GMT
Server: AmazonS3
x-amz-request-id: 41AY77R2NJBH9R0X
ETag: "65aae67290dd1f4d68151e1dc3289137"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 26661
x-amz-id-2: chQ2r0ZOvUL2iM2HukaZGeUwPbCqN+VByRqKVQgp3wqa7xAdauSzbWQTQNmniS6+4qDL0rnnIxY=

GET
H2 200 freshpaint.js Show response
perfalytics.com/static/js/ 99 KB
32 KB 50ms
8ms Script
application/javascript 13.224.189.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/freshpaint.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-42.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8573f21d089b36019c5606e0e247d3ff654c2560eabe44f48fdfaee4cff36918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:16:06 GMT
x-amz-version-id: LtHdR7iFbJrLXwkbowO2GBa38Bwc_gyA
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 23:16:00 GMT
server: AmazonS3
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"71a0724767bea2212b0cf334aa8c461a"
age: 50373
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: d6ECEf-owQdEvKgX-vJO7ok-06MUUAJPFEhlwtKFSvDjmpeUwpnu7Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
75 KB 150ms
66ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ddae9b0e1aca277d6792c00a5851dbf8da9d7816be4b07449cee93f8b5c9806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76828
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 13:15:38 GMT

GET
H2 200 6077b0f8a54b24095df1.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
1 KB 57ms
23ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/6077b0f8a54b24095df1.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:42:43 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 18:31:13 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 4707176
etag: W/"d0fec36649740e4a3023b6c48939662b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: JCAuBCyVn2a2kfglw_b9_Rf2CzWWuviHUiUz69uo3BuG7ly5TkrCuQ==

GET
H2 200 5319865036f25cb1c4d1.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
19 KB 94ms
60ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/5319865036f25cb1c4d1.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:03:52 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 19:59:41 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 4295506
etag: W/"d6a9b549578b6819f6cccf3470782d05"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: 2dipXmFGqzc5DT0Z7WeVN3at7JJTyQP83K25pKOiYy5eciB8TAHUFA==

GET
H2 200 7d87db9e15e5bb8a4f90.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
24 KB 56ms
23ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/7d87db9e15e5bb8a4f90.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:03:38 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 19:59:41 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 4295521
etag: W/"1ee20d088e12d993d97b845f9a816ecd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: f8qrHuapQxM-rHFWO8oXk-IKF1cfTGTEE6aiFUeBFQMfkAh3Tpy_3A==

GET
H2 200 9a55175697730b65b1a8.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
16 KB 70ms
65ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/9a55175697730b65b1a8.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:59:06 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 18:53:46 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 2484993
etag: W/"f61da7e4fe9807d27192a86fe75851cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: kao2fiHjGDNIIlvLMRheDClilvhwXGfKuBQXw5IF3kXSeVAMhi0deA==

GET
H2 200 097203d79b322b05d490.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
4 KB 71ms
66ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/097203d79b322b05d490.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:59:06 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 18:53:46 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 2484993
etag: W/"695f9ef72e285d8788a2272a863357de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: h0T9R7PhAafNClOwFVjSXf-B1kt6eudvFJtN3cmAPtlpwcsCiNCRvw==

GET
H2 200 313a7ec8958bd417401e.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
25 KB 73ms
71ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/313a7ec8958bd417401e.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:56:41 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Thu, 26 Jan 2023 17:53:36 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 1019938
etag: W/"71c3c0ecf0a030e26fab6dca6f99563e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: LfO2dzNG-3b6a530T4UozTBPK81WcLVC-zZLjdMbHnt24n-NQQoH6w==

GET
H2 200 f43b135db12a0058dccc.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
14 KB 69ms
66ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/f43b135db12a0058dccc.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 01:19:30 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jan 2023 20:57:20 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 2116569
etag: W/"630ae23ed2004ee1ed97177e89fab86b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: -deKf5zKh4w1Oz0CepLrlrux8_myayDC-geds0HttAzMdp7JQATUXA==

GET
H2 200 8a4344d64733071ec5d1.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
3 KB 70ms
67ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/8a4344d64733071ec5d1.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:59:06 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 18:53:46 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 2484993
etag: W/"def89f5ed87f6aea74913ca5b3a6d07c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: Ar0xBxx9aM7tTjFRQIhbOpm92UGOP6m1anT5r34AhLZlQFHlKNIwWg==

GET
H2 200 5653286c4fd39fb4e920.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
10 KB 70ms
68ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/5653286c4fd39fb4e920.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:03:52 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 19:59:41 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 4295506
etag: W/"3988461ad7ad0029ce09460d63a17539"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: VIz1dgq9t_lmtRdfWpvgMTjjJXJyqZ08wdNVpk4xcpcOpoLY-wOYpA==

GET
H2 200 610bc84a70b234a41311.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
12 KB 71ms
69ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/610bc84a70b234a41311.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:59:06 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 18:53:46 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 2484993
etag: W/"05a916e0d49838b81e3d299485a6490d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: YoqtOCmBkQN8sFPe8yv3F2WljQstMTa2W3Ds98zxh-fGvW307wYelg==

GET
H2 200 f7f38c959596e328416a.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
4 KB 73ms
71ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/f7f38c959596e328416a.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:59:06 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 18:53:47 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 2484993
etag: W/"953892f27c0289905b5ddef0fcbff44e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: rcY-DvZaa67dXCnN7OPYq3CAWInFmqmvQFaOqmBD8NsO6FJByxyM4g==

GET
H2 200 08b2188b499f06c1505f.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
1023 B 71ms
69ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/08b2188b499f06c1505f.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 20:10:41 GMT
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 20:07:48 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 407098
etag: "f153c78d839388c3565b7f6afd151fb7"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 674
x-amz-cf-id: 3rdjykKb8d57E9fUvSBu6uW3Pt2fukd0Rz_MGU8e4k-o280FpuuQqA==

GET
H2 200 3c4b90fb06f406220eed.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
2 KB 72ms
70ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/3c4b90fb06f406220eed.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 18:18:58 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Tue, 31 Jan 2023 18:15:45 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 586601
etag: W/"f952d6e678661b8a2fc7b355fb837588"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: vIPzMbTWh-_8iCnt5GGhFy6A7KjJfPVffYNFsM_HKIoFok0-EypByg==

GET
H2 200 900b46cf8ddfdd7c1791.js
d2hnwe88wt837l.cloudfront.net/build/js/ 0
6 KB 72ms
70ms Other
application/javascript 2600:9000:2304:8200:c:7a7f:d040:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hnwe88wt837l.cloudfront.net/build/js/900b46cf8ddfdd7c1791.js
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8200:c:7a7f:d040:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 03:10:35 GMT
content-encoding: gzip
via: 1.1 581d2b2095e9ae9fc9bd8c38d2258832.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jan 2023 20:57:20 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 1159504
etag: W/"82769e4c218f45404c7ec517e0153d18"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=5184000
x-amz-cf-id: xx3goixe7V4l7euSkqF9QROjGZ1ueyhNWW-taarNnG3a5zhUoCDa9A==

GET
H/1.1 200
OK home-hero-sm.jpg
rolanda.c21resultsteam.com/assets/images/ 389 KB
390 KB 718ms
361ms Image
image/jpeg 34.217.182.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rolanda.c21resultsteam.com/assets/images/home-hero-sm.jpg
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.217.182.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-217-182-168.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 8b2e6056077d418b180e15faefddef44ed0774dda607d40e16da50ad6ab273fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
last-modified: Fri, 23 Dec 2022 18:36:38 GMT
etag: W/"614cc-1854045daf0"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=5256000
connection: close
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 398540

GET
H/1.1 200
OK open-sans-500.woff
rolanda.c21resultsteam.com/assets/fonts/ 20 KB
21 KB 522ms
177ms Font
font/woff 34.217.182.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rolanda.c21resultsteam.com/assets/fonts/open-sans-500.woff
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.217.182.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-217-182-168.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 60cae4613964231b7536e02ed12711d7580b84de426cdac5a13ff57cc5bdd80c

Request headers

Referer: https://rolanda.c21resultsteam.com/
Origin: https://rolanda.c21resultsteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
last-modified: Fri, 23 Dec 2022 18:36:38 GMT
etag: W/"512c-1854045daf0"
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=5256000
connection: close
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 20780

GET
H/1.1 200
OK open-sans-300.woff
rolanda.c21resultsteam.com/assets/fonts/ 20 KB
21 KB 700ms
351ms Font
font/woff 34.217.182.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rolanda.c21resultsteam.com/assets/fonts/open-sans-300.woff
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.217.182.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-217-182-168.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 0492eed13f4292bcf2f9f412d3edb5451df8f57a3d3647122c34b212e5145311

Request headers

Referer: https://rolanda.c21resultsteam.com/
Origin: https://rolanda.c21resultsteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
last-modified: Fri, 23 Dec 2022 18:36:38 GMT
etag: W/"5114-1854045daf0"
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=5256000
connection: close
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 20756

GET
H/1.1 200
OK open-sans-400.woff
rolanda.c21resultsteam.com/assets/fonts/ 20 KB
21 KB 699ms
350ms Font
font/woff 34.217.182.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rolanda.c21resultsteam.com/assets/fonts/open-sans-400.woff
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.217.182.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-217-182-168.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 22459e1de13b29a9997c47434287b7b07bcd58013dc71c6fa14637b0d46d469c

Request headers

Referer: https://rolanda.c21resultsteam.com/
Origin: https://rolanda.c21resultsteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
last-modified: Fri, 23 Dec 2022 18:36:38 GMT
etag: W/"50e8-1854045daf0"
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=5256000
connection: close
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 20712

GET
H2 200 b6bc3e1a-cd18-40ec-a7f6-45bc74e949c4 Show response
perfalytics.com/event-definitions/ 102 KB
11 KB 235ms
215ms XHR
application/json 13.224.189.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/event-definitions/b6bc3e1a-cd18-40ec-a7f6-45bc74e949c4
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-42.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10737d0b323ce48445b974eedde4b4fd3de6ba62c806acbcf171e74cd21124d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
x-amz-version-id: H_sLq_lOyCnALxO2Y1VFZMnVoe5Gzfa.
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
last-modified: Thu, 19 Jan 2023 02:22:26 GMT
server: AmazonS3
etag: W/"b735557f9d9cddc2d5f6e45493d6eafa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60,s-max-age=60
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: vgDkhQhyCWWWBjYALhMh0GghAoIVx3Pjbxh0v2wu8WwGnsbR5iU6Bw==

GET
H/1.1 200
OK 6e0e53aa-7325-4736-8849-ae36467ee6e0Terry%20Swanson%20Footer.png
yl-clients-prod.s3.amazonaws.com/ 9 KB
9 KB 316ms
127ms Image
application/octet-stream 54.231.234.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/6e0e53aa-7325-4736-8849-ae36467ee6e0Terry%20Swanson%20Footer.png
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.234.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdd894a880fc6a1e02be92294a826468035ff8903d745f26d12e9fd6904b183d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 13:15:39 GMT
Last-Modified: Wed, 01 Jun 2022 02:11:17 GMT
Server: AmazonS3
x-amz-request-id: 41AKJ8ZHJXSAF9MM
ETag: "f15fe81013b81939238c9729720c7d8d"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 8881
x-amz-id-2: EYwxdM3ZU5dkTjN9XMMJWp6bfw319b5yNQ2iGamQf1MZ8oJVl7rDnMslB1Ij2pDhheynAyhggBc=

GET
H/1.1 200
OK 091d12b8-285e-41c9-aac7-c79fdf5b6f3dequal-housing-opportunity-white.png
yl-clients-prod.s3.amazonaws.com/ 2 KB
3 KB 312ms
122ms Image
application/octet-stream 54.231.234.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yl-clients-prod.s3.amazonaws.com/091d12b8-285e-41c9-aac7-c79fdf5b6f3dequal-housing-opportunity-white.png
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.234.145 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: abb41bd6569f8db762dc436a6f0340b81e41ec980804c7d94904d89c3bdc57b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 07 Feb 2023 13:15:39 GMT
Last-Modified: Wed, 01 Jun 2022 02:11:17 GMT
Server: AmazonS3
x-amz-request-id: 41AQ6WYFPEFCMAGK
ETag: "35f78fd6290b782e1d85a95fe237a7e6"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 2244
x-amz-id-2: 2yxwq2mxweFAnnE7IN5sNwXzdpzyasfTs/ZBBieTNob/Lfr8VWH8WKtCzVwOCMtvh/QcGjz84Mo=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 108ms
29ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 13:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 210
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Feb 2023 15:12:08 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976173502/ 2 KB
1 KB 94ms
59ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976173502/?random=1675775738794&cv=11&fst=1675775738794&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frolanda.c21resultsteam.com%2F&tiba=Home%20Search&auid=1711995598.1675775739&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f76246bbe34dd4e1b0cee346002932964270019af1047bc46d37749535538a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 852
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 79ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 07 Feb 2023 13:15:38 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 05D1E0F0C0C94036AC9DB53477EFE65A Ref B: FRAEDGE1221 Ref C: 2023-02-07T13:15:38Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 61ms
60ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-773L8LSMPJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a85867bb289349d88ba9c8fed0b3e495e8280d9d875659f17152fb18b288933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 13:15:38 GMT

GET
H2 204 5561391.js Show response
bat.bing.com/p/action/ 0
117 B 637ms
637ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5561391.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 07 Feb 2023 13:15:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D2552E4D3A7D4F29B510A8C3F6C230B5 Ref B: FRAEDGE1221 Ref C: 2023-02-07T13:15:38Z
x-cache: CONFIG_NOCACHE

GET
H2 200 /
www.google.com/pagead/1p-user-list/976173502/ 42 B
455 B 132ms
54ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976173502/?random=1675775738794&cv=11&fst=1675774800000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frolanda.c21resultsteam.com%2F&tiba=Home%20Search&fmt=3&is_vtc=1&random=1833501522&rmt_tld=0&ipr=y

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/976173502/ 42 B
455 B 62ms
26ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/976173502/?random=1675775738794&cv=11&fst=1675774800000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frolanda.c21resultsteam.com%2F&tiba=Home%20Search&fmt=3&is_vtc=1&random=1833501522&rmt_tld=1&ipr=y

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 agent Show response
widgetbe.com/ 78 KB
78 KB 391ms
191ms Script
application/javascript 34.196.127.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/agent
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.127.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-127-143.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 / PHP/7.4.30
Resource Hash: 23ce9b76e15ab7d4456581c8e2ca64ab0b1f9f3b261423652437c6517ae6fa9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 167 KB
55 KB 54ms
13ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e5e8640eec8861e19f8ac1fd48f6db05247513a2e006b88102d57121eefba5bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 12:59:20 GMT
content-encoding: gzip
server: mafe
age: 978
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55693
x-xss-protection: 0
expires: Tue, 07 Feb 2023 13:29:20 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 57ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-773L8LSMPJ&gtm=45je3210&_p=1601293184&cid=1969226068.1675775739&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675775738&sct=1&seg=0&dl=https%3A%2F%2Frolanda.c21resultsteam.com%2F&dt=Home%20Search&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-773L8LSMPJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rolanda.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 49ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/08ef948fde721fc00478.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Feb 2023 13:15:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: J9v8Xytwap7pgrEKhz+/i7WUOiUD7KNso1ok/66HmURaoqe9miK3jLvjUebCt6Sj42zbRsEikLpRtM8ObS0yaw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK activity Show response
rolanda.c21resultsteam.com/api/1.0/person/ 15 B
619 B 518ms
183ms Fetch
application/json 34.217.182.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rolanda.c21resultsteam.com/api/1.0/person/activity
Requested by: Host: d2hnwe88wt837l.cloudfront.net
URL: https://d2hnwe88wt837l.cloudfront.net/build/js/08ef948fde721fc00478.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.217.182.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-217-182-168.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
credentials: same-origin
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:39 GMT
etag: W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rolanda.c21resultsteam.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
connection: close
content-length: 15
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
285 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5561391&tm=gtm002&Ver=2&mid=0af0b5f7-b988-4094-ac19-bbb140224bd3&sid=840c1540a6e911ed8701895b7000174c&vid=840c3660a6e911ed980b230bfd63de90&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20Search&kw=Home%20Search&p=https%3A%2F%2Frolanda.c21resultsteam.com%2F&r=&lt=1013&evt=pageLoad&sv=1&rn=227133

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Feb 2023 13:15:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A45DE20DEE9646AFB9C8B3124C9C166E Ref B: FRAEDGE1221 Ref C: 2023-02-07T13:15:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 0
bat.bing.com/actionp/ 0
229 B 61ms
61ms Ping
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/actionp/0?ti=5561391&tm=gtm002&Ver=2&mid=0af0b5f7-b988-4094-ac19-bbb140224bd3&sid=840c1540a6e911ed8701895b7000174c&vid=840c3660a6e911ed980b230bfd63de90&vids=1&msclkid=N&evt=dedup

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 07 Feb 2023 13:15:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7651F2D4284346E8A1A646F99C4ED428 Ref B: FRAEDGE1221 Ref C: 2023-02-07T13:15:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
216 B 50ms
49ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1601293184&t=pageview&_s=1&dl=https%3A%2F%2Frolanda.c21resultsteam.com%2F&ul=en-us&de=UTF-8&dt=Home%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=353616000&gjid=1245625134&cid=1969226068.1675775739&tid=UA-58311306-5&_gid=1177512704.1675775739&_r=1&_slc=1&gtm=45He3210n81T3VB2GG&cd1=v2&z=2043308603

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rolanda.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: js.convertflow.co
URL: https://js.convertflow.co/production/websites/28791.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:30:40 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 59ms
29ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://rolanda.c21resultsteam.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 836151066530211 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 16ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/836151066530211?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

642ea03838aed3e8a784ce36bdf055b9aa77650eeebf24c03224c24b152c880b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 07 Feb 2023 13:15:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110529
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: i/5dqbjlu+RNFw2dqZoaaTHqTz/iwQek3iES9KaaPWagrhqniCW1sy9SrfgdNGqIa7fcP2m7ufBSLg3kFc9loQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
356 B 47ms
16ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-58311306-5&cid=1969226068.1675775739&jid=353616000&gjid=1245625134&_gid=1177512704.1675775739&_u=YADAAEAAAAAAACAAI~&z=1463690255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Feb 2023 13:15:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rolanda.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 46ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836151066530211&ev=PageView&dl=https%3A%2F%2Frolanda.c21resultsteam.com%2F&rl=&if=false&ts=1675775739253&cd[partyId]=22587&cd[experience]=buyer&cd[isRegistered]=false&cd[partyWebsiteId]=101705&cd[country]=US&cd[currency]=USD&cd[value]=0&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675775739252.1241775446&it=1675775739191&coo=false&rqm=GET

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Feb 2023 13:15:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 794eba3e-09e7-4cf8-9c32-b4b25d15d8e8 Show response
app.convertflow.co/websites/28791/visitors/ 268 B
969 B 300ms
290ms Script
text/javascript 2606:4700:20::681a:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertflow.co/websites/28791/visitors/794eba3e-09e7-4cf8-9c32-b4b25d15d8e8?callback=jQuery36109871425083348597_1675775739262&visitor%5Bwebsite_id%5D=28791&visitor%5Bvisitor_token%5D=794eba3e-09e7-4cf8-9c32-b4b25d15d8e8&visitor%5Bcontact_id%5D=&visitor%5Blanding_page%5D=https%3A%2F%2Frolanda.c21resultsteam.com%2F&visitor%5Bplatform%5D=Web&new=true&_=1675775739263

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:929 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

175bf7112532dc5f598f187f3af233c968350071d1ef5208a031e78a053f2ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 vegur
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: f442d9bd-0988-4bd3-a2de-8e59004c9c18
x-runtime: 0.005365
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"175bf7112532dc5f598f187f3af233c9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQbZ7NOUBOoKf6xiuzchnGinzbryfGzqIFj%2F1FpbgK2b7grnSqwBnZREP7drglq47UTixto%2BP317wBZdV6aQ4QiHlcKTRNWGKQz%2Fhedrr6HrJaSmZE2W46bUHmyA%2FoT9n3vk%2BzwhEyrUcncTsr1Odw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, private, must-revalidate
cf-ray: 795c6542789d2c4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 67ms
66ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58311306-5&cid=1969226068.1675775739&jid=353616000&_u=YADAAEAAAAAAACAAI~&z=1710680049

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58311306-5&cid=1969226068.1675775739&jid=353616000&_u=YADAAEAAAAAAACAAI~&z=1710680049

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrations.js Show response
perfalytics.com/static/js/ 387 KB
94 KB 21ms
20ms Script
application/javascript 13.224.189.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://perfalytics.com/static/js/integrations.js
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-42.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46fa0164da3459946b34afb89c6189b8164727a3a2dd6f2bffc2ade09663fcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:16:08 GMT
x-amz-version-id: vy8YBJyHh3YdSxs1zcx5.F53Z1LNuBia
content-encoding: gzip
last-modified: Wed, 21 Dec 2022 14:49:49 GMT
server: AmazonS3
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"44227cff6f42b81f9be75e88d2c0bdf2"
age: 50372
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 9_UK42jTZE6pq_sYDD-Tx-iIwCbDwiBMA_IYYHJ1WVqPfH5x1QEY_A==

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 477ms
442ms Preflight
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rolanda.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Tue, 07 Feb 2023 13:15:39 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-apigw-id: f-FHXF2xPHcFZOw=
x-amz-cf-id: ln12RoK4PqS1yhI-TliWkOZzQ3BAWMccRitDM5Z7wWIjaOIjcMNhLA==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: c10016b0-711d-4375-b118-560a2b292213
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 468ms
435ms Preflight
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rolanda.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Tue, 07 Feb 2023 13:15:39 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-apigw-id: f-FHXG5HPHcFxKw=
x-amz-cf-id: W5ou02yC8adgHRHYsC0fYLM0y6wvBmeFe0zH27X9iHIBa_N5a-m5kw==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 0ffb34fe-f2ae-49d1-b9bb-32e8ab4985ac
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 451ms
429ms Preflight
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rolanda.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Tue, 07 Feb 2023 13:15:39 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-apigw-id: f-FHXFHwvHcF3Rg=
x-amz-cf-id: PyX-9hEGEYswDWsSrrQRAdQdg_mJzO3MeBoa48rEHILPdP71E0aJZg==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: e5d1758f-85bf-4630-974c-6fe849515210
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 443ms
427ms Preflight
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rolanda.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Tue, 07 Feb 2023 13:15:39 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-apigw-id: f-FHXHQ1PHcFd_Q=
x-amz-cf-id: u8Fb8i232SFqFgBL1143pgDBTyssQ22jmnSv8ZKsYw36hpRBV8ktpA==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 6f45d349-2d44-44ee-9fbe-8fba6630a537
x-cache: Miss from cloudfront

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 597ms
583ms Preflight
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rolanda.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Tue, 07 Feb 2023 13:15:39 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-apigw-id: f-FHZGhtPHcF5HQ=
x-amz-cf-id: niBqMHdl84wuA8Q2DTxCv0yDbBOWFbxDGO41swBXmRlJX7r2qbTcIQ==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: b02e2f7a-cbfc-4242-9e39-36aeed31792e
x-cache: Miss from cloudfront

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
651 B 598ms
598ms XHR
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash: c5d27e7a01a4e79bad4c7632a26b5c6185864859019dc56640779d33e3928ba6

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Feb 2023 13:15:40 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 06d1c069-d2a8-44de-b0ef-9c90a5471bef
x-amzn-trace-id: Root=1-63e24efc-000686d961bcf6031f7f0435
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: f-FHdFShvHcF9xA=
content-length: 133
x-amz-cf-id: fmX9fNGntePs-Fv4joHcr5OxH-cffR7KeKHsNdWvLSKcEsa-O_Wzbw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
651 B 590ms
589ms XHR
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash: d548a16de9335ef72376dc82608ad0fb4ba51c134a83c1fea2f97d49dbf2e614

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Feb 2023 13:15:40 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: b3dcc008-eed0-4759-b3a1-5e97acbfe834
x-amzn-trace-id: Root=1-63e24efc-41fd34cf4d2d3a3c37d21121
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: f-FHdGCnPHcFy_w=
content-length: 133
x-amz-cf-id: AehdTTUaeoZT3gonfd2CICWBgrWbamxI2GR2ukmLDp9yDYk26XKb8w==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
653 B 582ms
582ms XHR
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash: f802fd812c6cc9a4f4e19fc01fe1fbe73b25dd01b168ce51dcdba9c41bc48436

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Feb 2023 13:15:40 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: b7b45cd6-c387-4639-8739-25c28a68702c
x-amzn-trace-id: Root=1-63e24efc-5bf2432842754f6c179352bf
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: f-FHdHZMvHcF6lw=
content-length: 133
x-amz-cf-id: MrgsHF3j-gArKd-vC5kJoNfcbZ8kq8l1eFgB8_7OvV6FUyrkzqzHHg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
652 B 165ms
165ms XHR
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash: a4bf0e9332da38bfeef6e840d2fad4e24d97e0f038bbd0bc2eb39631487e9434

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: b4a1a7fb-d629-4529-bf25-cad8b6d41274
x-amzn-trace-id: Root=1-63e24efb-2737345d1a842c006bc501dc
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: f-FHZGBgPHcFy_w=
content-length: 133
x-amz-cf-id: Cwqt5LmmaJImMawRGlxHXj4Jf3llEGbSyAe82-i5wMKHp0dZ8VF4Og==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
653 B 586ms
586ms XHR
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash: 7902d189baa74f6bee1080e3c15d7a448d62e6669c3ba603175b21f715c33c21

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Feb 2023 13:15:40 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 9d94ccfb-b074-4db0-9abc-38743fd63d5a
x-amzn-trace-id: Root=1-63e24efc-7ef1092f157249b059d663e3
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: f-FHeHptPHcFnQA=
content-length: 133
x-amz-cf-id: so2UJ9gABFgMOCXy7Qlfb0lv_igw7jGzwSO0NQG5vEDVBaBtHn3sBQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 track Show response
api.perfalytics.com/ 133 B
651 B 589ms
588ms XHR
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash: 5edd3f99dd4dc9e93f22334ebd598ed9ea0b0ec1b9aebef9310329c0ba05ed19

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Feb 2023 13:15:40 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: ccc6c1ac-9c38-4da6-95f6-568905b7b295
x-amzn-trace-id: Root=1-63e24efc-4905f9a13584210e078bcbfa
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: f-FHdFf3vHcFTQQ=
content-length: 133
x-amz-cf-id: m0_F1H8F4EPz3H2TQ6CMnjGr-L1BctxeoEgoENGvOV6NJgS9VEPG8w==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 track
api.perfalytics.com/ Frame 0
0 443ms
435ms Preflight
application/json 13.224.189.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.perfalytics.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-4.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rolanda.c21resultsteam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Tue, 07 Feb 2023 13:15:39 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-apigw-id: f-FHXF2IPHcFeRg=
x-amz-cf-id: MGakwdUXPyCAKUzxQ9-k_PgswBT9tn4dWfoIK95k-3iOOj1OHdK_9g==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: fe427c82-552b-4af7-b3b6-36b5ca461796
x-cache: Miss from cloudfront

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
75 KB 60ms
60ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3VB2GG&l=dataLayer

Requested by

Host: perfalytics.com
URL: https://perfalytics.com/static/js/integrations.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e6d53b932db2b8438728e80dbd1b1316e39155709a2378e069f79ec3ab868f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76846
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Feb 2023 13:15:39 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 47ms
15ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: perfalytics.com
URL: https://perfalytics.com/static/js/integrations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:12:35 GMT
content-encoding: gzip
age: 184
x-guploader-uploadid: ADPycdudVHurCFsSrA1T9XXv3QATGMQpWWk-5NH4kK9BR21wkI-s6trdL0d2qENWNwXELvwWEUt4_itti2aI-tCe5QcqAgwCTkT1
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-generation: 1645129310876382
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
expires: Tue, 07 Feb 2023 13:22:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 15ms
14ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836151066530211&ev=PageView&dl=https%3A%2F%2Frolanda.c21resultsteam.com%2F&rl=&if=false&ts=1675775739423&sw=1600&sh=1200&ud[external_id]=ba5de332108ebd3021322f5993407c41ee9859f550a1a900ceee8acacd4d5338&v=2.9.95&r=stable&a=seg&ec=1&o=30&cs_est=true&fbp=fb.1.1675775739252.1241775446&it=1675775739191&coo=false&rqm=GET

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Feb 2023 13:15:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 51ms
51ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1601293184&t=pageview&_s=1&dl=https%3A%2F%2Frolanda.c21resultsteam.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20Search%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAHAAEABAAAAACgCIAB~&jid=490271726&gjid=593524502&cid=1969226068.1675775739&tid=UA-58311306-5&_gid=1177512704.1675775739&_r=1&z=280328590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rolanda.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
28ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1601293184&t=event&ni=1&_s=2&dl=https%3A%2F%2Frolanda.c21resultsteam.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20Search%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Home%20Search%20Site%20Page&ev=0&_u=aAHAAEABAAAAACgCIAB~&jid=&gjid=&cid=1969226068.1675775739&tid=UA-58311306-5&_gid=1177512704.1675775739&z=1080992976

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 20:05:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61789
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 config Show response
widgetbe.com/ 206 B
540 B 354ms
165ms XHR
application/json 34.196.127.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/config
Requested by: Host: widgetbe.com
URL: https://widgetbe.com/agent
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.127.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-127-143.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 / PHP/7.4.30
Resource Hash: 9948f0b67c7f57c6cce67753be5ed778eb7e0eabb0f8eacf2a4e8a8ff56a6f61

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ 271 KB
76 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a63c8a81e2094da4cf6f608732bd29c7210be02457ff7166676a8de0813ad973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 09:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77257
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 09:07:45 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ 159 KB
59 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab4e7ca6837030e64d507c6ab90890cd9a63fc25bb7bf3bcd441dda6881b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 02:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59675
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:16:17 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ 88 KB
27 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0f1e5601e335367ebb9e80e0c2cfa10df52be9c2a9413093853a2e97bc56e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 00:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27140
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 00:44:07 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ 47 KB
17 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBkpaeY0FTb-b9f-yNNu6bgx6OwGZ60Xz4&libraries=places&region=US&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30664b7a39fffbe8f5b230fa1d5dd5e6af8ec08ed68119831ef50577ac3b2293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17741
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 18:42:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 22ms
19ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-58311306-5&cid=1969226068.1675775739&jid=490271726&gjid=593524502&_gid=1177512704.1675775739&_u=aAHAAEABAAAAACgCIAB~&z=597298491

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Feb 2023 13:15:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rolanda.c21resultsteam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 65ms
64ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58311306-5&cid=1969226068.1675775739&jid=490271726&_u=aAHAAEABAAAAACgCIAB~&z=1337935928

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 38ms
36ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-58311306-5&cid=1969226068.1675775739&jid=490271726&_u=aAHAAEABAAAAACgCIAB~&z=1337935928

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 13:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 15ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836151066530211&ev=Microdata&dl=https%3A%2F%2Frolanda.c21resultsteam.com%2F&rl=&if=false&ts=1675775739759&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20Search%22%2C%22meta%3Adescription%22%3A%22Home%20Search%20and%20latest%20real%20estate%20listings.%20%20Find%20your%20perfect%20home%20with%20us!%22%2C%22meta%3Akeywords%22%3A%22Home%20Search%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Home%20Search%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Frolanda.c21resultsteam.com%3A443%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fyl-clients-prod.s3.amazonaws.com%2F4310fd21-9933-49f8-8ad8-654293f98943Terry%2520Swanson%2520Header.png%22%2C%22og%3Aimage%3Awidth%22%3A%22600%22%2C%22og%3Aimage%3Aheight%22%3A%22450%22%2C%22og%3Adescription%22%3A%22Home%20Search%20and%20latest%20real%20estate%20listings.%20%20Find%20your%20perfect%20home%20with%20us!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=ba5de332108ebd3021322f5993407c41ee9859f550a1a900ceee8acacd4d5338&v=2.9.95&r=stable&a=seg&ec=2&o=30&fbp=fb.1.1675775739252.1241775446&it=1675775739191&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 07 Feb 2023 13:15:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 create Show response
app.convertflow.co/websites/28791/events/ 74 B
436 B 109ms
109ms Script
text/javascript 2606:4700:20::681a:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertflow.co/websites/28791/events/create?callback=jQuery36109871425083348597_1675775739262&event%5Bevent_type%5D=Visit&event%5Bvisitor_token%5D=794eba3e-09e7-4cf8-9c32-b4b25d15d8e8&event%5Burl%5D=https%3A%2F%2Frolanda.c21resultsteam.com%2F&event%5Bwebsite_id%5D=28791&event%5Bdata%5D%5Btitle%5D=Home%20Search&_=1675775739264

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:929 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

107915b024328bf32c631f18fdb5230965adcc3a4505a9553e46b72fc4198279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 vegur
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: e359d445-2293-44b0-bf63-cc38d67fcf30
x-runtime: 0.004732
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"107915b024328bf32c631f18fdb52309"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3HchYklAOAihlSIQaSAqC25xV3dxG8W6sr3YmRDcoQ%2Fv%2FZuy0M7SFPtmlVopK%2F2UPaAJQFSrUQeImYJrTpKqoogZ6hugRUJw8D%2BeSuxZtCBVIOh5dud3%2FTTBCF7nRR76E04pSafcI%2FdAWbsiv0IfA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, private, must-revalidate
cf-ray: 795c65459d462c4f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 widget Show response
widgetbe.com/ Frame BEC4 173 KB
173 KB 102ms
102ms Script
application/javascript 34.196.127.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/widget
Requested by: Host: rolanda.c21resultsteam.com
URL: https://rolanda.c21resultsteam.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.127.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-127-143.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 / PHP/7.4.30
Resource Hash: ceddedcc2f5152f4ebdfee4d9e381bad6f4666273ee1bfb44e296827e0561e65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rolanda.c21resultsteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

POST
H2 200 pages Show response
widgetbe.com/ 0
325 B 128ms
127ms XHR
text/html 34.196.127.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/pages
Requested by: Host: widgetbe.com
URL: https://widgetbe.com/agent
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.127.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-127-143.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 / PHP/7.4.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Feb 2023 13:15:39 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
x-powered-by: PHP/7.4.30
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
content-length: 0

GET
H2 200 proximanova-regular-webfont.woff2
widgetbe.com/fonts/ Frame BEC4 21 KB
21 KB 95ms
95ms Font
application/octet-stream 34.196.127.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetbe.com/fonts/proximanova-regular-webfont.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.127.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-127-143.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30 /
Resource Hash: b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795

Request headers

Referer: https://rolanda.c21resultsteam.com/
Origin: https://rolanda.c21resultsteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Feb 2023 13:15:40 GMT
last-modified: Wed, 27 Jul 2022 02:48:56 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.4.30
accept-ranges: bytes
etag: "54c4-5e4c0754bfb82"
content-length: 21700

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
96 B 653ms
48ms XHR
application/json 35.186.241.51

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1675775744485

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 07 Feb 2023 13:15:45 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://rolanda.c21resultsteam.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/engage/ 25 B
378 B 651ms
47ms XHR
application/json 35.186.241.51

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/engage/?verbose=1&ip=1&_=1675775744486

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://rolanda.c21resultsteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 07 Feb 2023 13:15:45 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://rolanda.c21resultsteam.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.c21resultsteam.com/	1970-01-20 13:48:47	Name: connect.sid Value: s%3AqUgwdDcbyHswfDjN6K1yIj47EN2mmF45.4sMpFMDImm%2FdRSw5C1qExu5uZC7vWDdN95DMMQTwcVU
.c21resultsteam.com/	1970-01-20 11:39:11	Name: _gcl_au Value: 1.1.1711995598.1675775739
.doubleclick.net/	1970-01-20 09:29:36	Name: test_cookie Value: CheckForPermission
.c21resultsteam.com/	1970-01-20 19:05:35	Name: _ga_773L8LSMPJ Value: GS1.1.1675775738.1.0.1675775738.0.0.0
.c21resultsteam.com/	1970-01-20 09:31:02	Name: _uetsid Value: 840c1540a6e911ed8701895b7000174c
.c21resultsteam.com/	1970-01-20 18:51:11	Name: _uetvid Value: 840c3660a6e911ed980b230bfd63de90
.c21resultsteam.com/	1970-01-20 19:05:35	Name: _ga Value: GA1.2.1969226068.1675775739
.c21resultsteam.com/	1970-01-20 09:31:02	Name: _gid Value: GA1.2.1177512704.1675775739
.c21resultsteam.com/	1970-01-20 09:29:35	Name: _gat_UA-58311306-5 Value: 1
.rolanda.c21resultsteam.com/	1970-01-20 19:05:35	Name: _ga Value: GA1.3.1969226068.1675775739
.rolanda.c21resultsteam.com/	1970-01-20 09:31:02	Name: _gid Value: GA1.3.1177512704.1675775739
.bing.com/	1970-01-20 18:51:11	Name: MUID Value: 1431684BD6E86A4325257AFAD73A6B7C
.c21resultsteam.com/	1970-01-20 11:39:11	Name: _fbp Value: fb.1.1675775739252.1241775446
.c21resultsteam.com/	1970-01-20 19:05:35	Name: cf_28791_id Value: 794eba3e-09e7-4cf8-9c32-b4b25d15d8e8
.c21resultsteam.com/	1969-12-31 23:59:59	Name: cf_28791_person_last_update Value: 1675775739270
.c21resultsteam.com/	1970-01-20 18:15:11	Name: ajs_anonymous_id Value: %221862c0485ecde6-09784b6c4c5ccb-60325d57-1d4c00-1862c0485ed1286%22
.c21resultsteam.com/	1970-01-20 18:15:11	Name: fpjs_user_id Value: %2299c96669-cd8b-484f-a7eb-fe04e1566d97%22
.c21resultsteam.com/	1970-01-20 18:15:11	Name: mp_b6bc3e1a-cd18-40ec-a7f6-45bc74e949c4_perfalytics Value: %7B%22distinct_id%22%3A%20%2299c96669-cd8b-484f-a7eb-fe04e1566d97%22%2C%22%24device_id%22%3A%20%221862c0485ecde6-09784b6c4c5ccb-60325d57-1d4c00-1862c0485ed1286%22%2C%22appName%22%3A%20%22Home%20Search%22%2C%22appVersion%22%3A%20%222%22%2C%22buildVersion%22%3A%20%225.32.2%22%2C%22partyId%22%3A%20%2222587%22%2C%22partyWebsiteId%22%3A%20%22101705%22%2C%22sourceIds%22%3A%20%5B%0A%20%20%20%20751%2C%0A%20%20%20%20678%2C%0A%20%20%20%20544%0A%5D%2C%22sourceIdsCount%22%3A%203%2C%22isLpRouteAccessible%22%3A%20false%2C%22isAdditionalNearbyListingsEnabled%22%3A%20true%2C%22isHalfBathDisplayEnabled%22%3A%20false%2C%22isConvertFlowRealEstateWebsite%22%3A%20true%2C%22isConvertFlowMortgageWebsite%22%3A%20false%2C%22defaultSearchResultStyle%22%3A%20%22plainText%22%2C%22isCollageEnabled%22%3A%20false%2C%22isMortgageConvertFlowListingDetailEmbedAreaEnabled%22%3A%20false%2C%22isRealEstateConvertFlowListingDetailEmbedAreaEnabled%22%3A%20false%2C%22isAddressAutocompleteRestrictionEnabled%22%3A%20false%2C%22isAreaSearchGoogleAutocompleteEnabled%22%3A%20false%2C%22srpNearyByListingCardStyling%22%3A%20true%2C%22isSrpDefaultMapViewEnabled%22%3A%20false%2C%22isDefaultMapViewIgnoreMobile%22%3A%20false%2C%22isCanadianAddressesRestrictedForHomebot%22%3A%20true%2C%22isContentfulOverrideAllowed%22%3A%20false%2C%22isFeaturedListingDefaultEmptyView%22%3A%20true%2C%22environment%22%3A%20%22production%22%2C%22__user_props%22%3A%20%7B%7D%2C%22%24user_id%22%3A%20%2299c96669-cd8b-484f-a7eb-fe04e1566d97%22%2C%22__last_event_time%22%3A%201675775739406%2C%22%24session_id%22%3A%20%221862c0485f0106c-00c4683388c21f-60325d57-1d4c00-1862c0485f11489%22%2C%22__initial_utm_props_set%22%3A%20true%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24pageview_id%22%3A%20%221862c04860ca28-019b839d3d9ff1-60325d57-1d4c00-1862c04860d10f2%22%7D
.c21resultsteam.com/	1970-01-20 09:29:35	Name: _gat_freshpaintGATracker Value: 1
rolanda.c21resultsteam.com/	1970-01-20 18:15:11	Name: mp_7c3d0528c5b7cd399b3c000e2659efa8_mixpanel Value: %7B%22distinct_id%22%3A%20%2299c96669-cd8b-484f-a7eb-fe04e1566d97%22%2C%22%24device_id%22%3A%20%221862c04865e66a-07a938d9c36ec2-60325d57-1d4c00-1862c04865f1174%22%2C%22mp_lib%22%3A%20%22Freshpaint%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24user_id%22%3A%20%2299c96669-cd8b-484f-a7eb-fe04e1566d97%22%2C%22mp_name_tag%22%3A%20%2299c96669-cd8b-484f-a7eb-fe04e1566d97%22%2C%22id%22%3A%20%2299c96669-cd8b-484f-a7eb-fe04e1566d97%22%7D
.c21resultsteam.com/	1970-01-20 19:05:35	Name: WidgetTrackerCookie Value: 953e017c-1707-45eb-95b3-6f6c57d5f4da

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://widgetbe.com/agent Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-js.mixpanel.com
api.perfalytics.com
app.convertflow.co
bat.bing.com
cdn.mxpnl.com
connect.facebook.net
d2hnwe88wt837l.cloudfront.net
googleads.g.doubleclick.net
js.convertflow.co
maps.googleapis.com
perfalytics.com
region1.google-analytics.com
rolanda.c21resultsteam.com
stats.g.doubleclick.net
widgetbe.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
yl-clients-prod.s3.amazonaws.com
13.224.189.4
13.224.189.42
2001:4860:4802:34::36
2600:1901:0:498c::
2600:9000:2304:8200:c:7a7f:d040:21
2606:4700:20::681a:929
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:812::200a
2a00:1450:4001:831::2003
2a00:1450:400d:806::2008
2a00:1450:400d:806::200e
2a00:1450:400d:80a::2004
2a00:1450:4025:401::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.196.127.143
34.217.182.168
35.186.241.51
54.231.234.145
0492eed13f4292bcf2f9f412d3edb5451df8f57a3d3647122c34b212e5145311
0e6d53b932db2b8438728e80dbd1b1316e39155709a2378e069f79ec3ab868f0
0fedecd22aac7afd4962cdbf8b73e5494c690f506310c4124c649a120b719774
10737d0b323ce48445b974eedde4b4fd3de6ba62c806acbcf171e74cd21124d9
107915b024328bf32c631f18fdb5230965adcc3a4505a9553e46b72fc4198279
175bf7112532dc5f598f187f3af233c968350071d1ef5208a031e78a053f2ece
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1ddae9b0e1aca277d6792c00a5851dbf8da9d7816be4b07449cee93f8b5c9806
22459e1de13b29a9997c47434287b7b07bcd58013dc71c6fa14637b0d46d469c
23ce9b76e15ab7d4456581c8e2ca64ab0b1f9f3b261423652437c6517ae6fa9e
2839dacab949e77b39bf40b76aa1cc7370f437996faed2a2734b7d7e7028a1fc
30664b7a39fffbe8f5b230fa1d5dd5e6af8ec08ed68119831ef50577ac3b2293
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
46fa0164da3459946b34afb89c6189b8164727a3a2dd6f2bffc2ade09663fcef
493ab4e7ca6837030e64d507c6ab90890cd9a63fc25bb7bf3bcd441dda6881b0
5332792a6b4dc41f74a5c81e8866c9570762fc150571e4d7b787379f7d3a7c41
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a85867bb289349d88ba9c8fed0b3e495e8280d9d875659f17152fb18b288933
5edd3f99dd4dc9e93f22334ebd598ed9ea0b0ec1b9aebef9310329c0ba05ed19
5f2e83774756cfe7a9403cdb4dda01679b046b655933587b70e5bd93ffcfc398
60cae4613964231b7536e02ed12711d7580b84de426cdac5a13ff57cc5bdd80c
642ea03838aed3e8a784ce36bdf055b9aa77650eeebf24c03224c24b152c880b
7902d189baa74f6bee1080e3c15d7a448d62e6669c3ba603175b21f715c33c21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8573f21d089b36019c5606e0e247d3ff654c2560eabe44f48fdfaee4cff36918
8b2e6056077d418b180e15faefddef44ed0774dda607d40e16da50ad6ab273fe
9948f0b67c7f57c6cce67753be5ed778eb7e0eabb0f8eacf2a4e8a8ff56a6f61
9dea127d1a184ded7c443a0d60944a944904e7b6490c2b2f06420c2801704634
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4bf0e9332da38bfeef6e840d2fad4e24d97e0f038bbd0bc2eb39631487e9434
a63c8a81e2094da4cf6f608732bd29c7210be02457ff7166676a8de0813ad973
abb41bd6569f8db762dc436a6f0340b81e41ec980804c7d94904d89c3bdc57b6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
be7ef9c332c2ca95a979ff1bf4699e69e2611c3c866b3b9d6021cc03c1322781
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c5d27e7a01a4e79bad4c7632a26b5c6185864859019dc56640779d33e3928ba6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdd894a880fc6a1e02be92294a826468035ff8903d745f26d12e9fd6904b183d
ceddedcc2f5152f4ebdfee4d9e381bad6f4666273ee1bfb44e296827e0561e65
d0f1e5601e335367ebb9e80e0c2cfa10df52be9c2a9413093853a2e97bc56e25
d548a16de9335ef72376dc82608ad0fb4ba51c134a83c1fea2f97d49dbf2e614
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e8640eec8861e19f8ac1fd48f6db05247513a2e006b88102d57121eefba5bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f76246bbe34dd4e1b0cee346002932964270019af1047bc46d37749535538a70
f802fd812c6cc9a4f4e19fc01fe1fbe73b25dd01b168ce51dcdba9c41bc48436

rolanda.c21resultsteam.com Open in urlscan Pro 34.217.182.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

100 %HTTPS

71 %IPv6

17 Domains

22 Subdomains

21 IPs

4 Countries

2278 kBTransfer

5783 kBSize

21 Cookies

0 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rolanda.c21resultsteam.com Open in urlscan Pro
34.217.182.168 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

100 %
HTTPS

71 %
IPv6

17
Domains

22
Subdomains

21
IPs

4
Countries

2278 kB
Transfer

5783 kB
Size

21
Cookies

85 HTTP transactions
0 data transactions