www.barandrestaurantexpo.com Open in urlscan Pro
2606:4700::6811:d834 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qtx.omeclk.com/portal/wts/ucmcmQ6d7%3B2ba%3Bkxcy%7CPec%7CreFogcsqHZynce%7Ejmm
Effective URL:
https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Submission: On March 30 via manual (March 30th 2023, 7:39:59 pm UTC) from US — Scanned from DE

Summary HTTP 121 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 29 domains to perform 121 HTTP transactions. The main IP is 2606:4700::6811:d834, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.barandrestaurantexpo.com. The Cisco Umbrella rank of the primary domain is 413062.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time www.barandrestaurantexpo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	205.162.42.171 205.162.42.171	53866 (QTS-AS) (QTS-AS)
1 27	2606:4700::68... 2606:4700::6811:d834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3	52.217.43.86 52.217.43.86	16509 (AMAZON-02) (AMAZON-02)
1 6	204.180.130.190 204.180.130.190	53866 (QTS-AS) (QTS-AS)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2 8	2600:9000:225... 2600:9000:225e:da00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:223... 2600:9000:223c:e400:1e:5cef:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.47 13.32.99.47	16509 (AMAZON-02) (AMAZON-02)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	54.209.91.188 54.209.91.188	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.202.208.11 52.202.208.11	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	104.16.93.165 104.16.93.165	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 3	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
3	54.235.106.154 54.235.106.154	14618 (AMAZON-AES) (AMAZON-AES)
2	54.204.238.15 54.204.238.15	14618 (AMAZON-AES) (AMAZON-AES)
1	54.236.171.84 54.236.171.84	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:9ce8:2a91:ad50:9522	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	205.162.42.5 205.162.42.5	53866 (QTS-AS) (QTS-AS)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	108.138.36.74 108.138.36.74	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
2	2600:9000:225... 2600:9000:2251:f600:c:860d:a440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2600:9000:223... 2600:9000:223c:bc00:0:d27a:1440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e4:... 2606:4700:e4::ac40:a916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
6	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	54.148.145.131 54.148.145.131	16509 (AMAZON-02) (AMAZON-02)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
121	42

1 205.162.42.171 (Overland Park, United States) 1 redirects

ASN53866 (QTS-AS, US)
PTR: omeclk.com

qtx.omeclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700::6811:d834 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.barandrestaurantexpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.43.86 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 204.180.130.190 (Lincolnshire, United States) 1 redirects

ASN53866 (QTS-AS, US)

sample.dragonforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:225e:da00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:e400:1e:5cef:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-47.fra60.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.209.91.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com

api.42chat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.202.208.11 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-208-11.compute-1.amazonaws.com

rdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.93.165 (None, )

ASN13335 (CLOUDFLARENET, US)

qtxasset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.180.130.165 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.235.106.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-106-154.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.238.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-238-15.compute-1.amazonaws.com

app.42chat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.171.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-171-84.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:9ce8:2a91:ad50:9522 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.162.42.5 (Overland Park, United States)

ASN53866 (QTS-AS, US)
PTR: cdn.omeda.com

cdn.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.36.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-74.muc50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.180.130.159 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

cdp.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:f600:c:860d:a440:93a1 (United States)

ASN16509 (AMAZON-02, US)

hostedcontent.dragonforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:bc00:0:d27a:1440:93a1 (United States)

ASN16509 (AMAZON-02, US)

static-cdn.dragonforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:a916 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.145.131 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-145-131.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	barandrestaurantexpo.com 1 redirects www.barandrestaurantexpo.com — Cisco Umbrella Rank: 413062	450 KB
13	omeda.com olytics.omeda.com — Cisco Umbrella Rank: 25164 oqs.omeda.com — Cisco Umbrella Rank: 25637 cdn.omeda.com — Cisco Umbrella Rank: 46457 cdp.omeda.com — Cisco Umbrella Rank: 25584	187 KB
11	dragonforms.com sample.dragonforms.com — Cisco Umbrella Rank: 81977 Failed hostedcontent.dragonforms.com — Cisco Umbrella Rank: 66829 static-cdn.dragonforms.com — Cisco Umbrella Rank: 67319	88 KB
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2665 d.adroll.com — Cisco Umbrella Rank: 1345	82 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1244 q.stripe.com — Cisco Umbrella Rank: 7928 m.stripe.com — Cisco Umbrella Rank: 1249	114 KB
6	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 444	12 KB
5	42chat.com api.42chat.com — Cisco Umbrella Rank: 384004 app.42chat.com — Cisco Umbrella Rank: 441033	714 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1666 ka-f.fontawesome.com — Cisco Umbrella Rank: 3207	24 KB
4	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 29123 a.dpmsrv.com — Cisco Umbrella Rank: 23839	16 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	40 KB
3	gstatic.com fonts.gstatic.com	49 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	4 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	1 KB
3	rdcdn.com 2 redirects rdcdn.com — Cisco Umbrella Rank: 47137	816 B
3	ml314.com ml314.com — Cisco Umbrella Rank: 1845 in.ml314.com — Cisco Umbrella Rank: 9828	12 KB
3	amazonaws.com s3.amazonaws.com	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	191 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1316	17 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	241 B
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
2	qtxasset.com qtxasset.com — Cisco Umbrella Rank: 63002	404 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	136 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 284	518 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	29 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 403	99 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5083	2 KB
1	omeclk.com 1 redirects qtx.omeclk.com — Cisco Umbrella Rank: 75417	398 B
121	29

	Domain	Requested by
27	www.barandrestaurantexpo.com	1 redirects www.barandrestaurantexpo.com
8	s.adroll.com	2 redirects www.googletagmanager.com www.barandrestaurantexpo.com s.adroll.com
6	js-agent.newrelic.com	www.barandrestaurantexpo.com
6	sample.dragonforms.com	www.barandrestaurantexpo.com sample.dragonforms.com code.jquery.com
4	cdp.omeda.com	olytics.omeda.com
4	oqs.omeda.com	olytics.omeda.com
3	q.stripe.com	www.barandrestaurantexpo.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	static-cdn.dragonforms.com	sample.dragonforms.com
3	js.stripe.com	app.42chat.com js.stripe.com
3	fonts.googleapis.com	app.42chat.com hostedcontent.dragonforms.com
3	a.dpmsrv.com	www.barandrestaurantexpo.com s.dpmsrv.com
3	ib.adnxs.com	2 redirects www.barandrestaurantexpo.com
3	rdcdn.com	2 redirects www.barandrestaurantexpo.com
3	api.42chat.com	www.googletagmanager.com app.42chat.com
3	olytics.omeda.com	www.barandrestaurantexpo.com www.googletagmanager.com sample.dragonforms.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	s3.amazonaws.com	www.barandrestaurantexpo.com
3	www.googletagmanager.com	www.barandrestaurantexpo.com www.googletagmanager.com sample.dragonforms.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	hostedcontent.dragonforms.com	sample.dragonforms.com
2	cm.g.doubleclick.net	2 redirects
2	cdn.omeda.com	sample.dragonforms.com
2	www.googletagservices.com	olytics.omeda.com
2	www.facebook.com	www.barandrestaurantexpo.com
2	app.42chat.com	api.42chat.com app.42chat.com
2	pagead2.googlesyndication.com	olytics.omeda.com
2	qtxasset.com	www.barandrestaurantexpo.com
2	ml314.com	www.barandrestaurantexpo.com ml314.com
2	connect.facebook.net	www.barandrestaurantexpo.com connect.facebook.net
1	bam.nr-data.net	js-agent.newrelic.com
1	m.stripe.com	m.stripe.network
1	kit.fontawesome.com	sample.dragonforms.com
1	code.jquery.com	sample.dragonforms.com
1	idsync.rlcdn.com	www.barandrestaurantexpo.com
1	d.adroll.com	s.adroll.com
1	in.ml314.com	ml314.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s.dpmsrv.com	www.barandrestaurantexpo.com
1	ws.zoominfo.com	www.barandrestaurantexpo.com
1	qtx.omeclk.com	1 redirects
121	43

This site contains links to these domains. Also see Links.

Domain
barandrestaurant.com
www.vibeconference.com
www.worldteanews.com
worldteaexpo.com
worldteaacademy.com
www.linkedin.com
www.facebook.com
www.instagram.com
barrestaurantexpo2023a.sched.com
s36.a2zinc.net
pages.questexinfo.com
www.ncbshow.com
www.barandrestaurant.com
barandrestaurant.questexinfo.com
www.worldteaexpo.com
questex.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2022-06-24` - `2023-06-24`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-01`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-07` - `2023-04-07`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-03-22` - `2024-03-21`	a year	crt.sh
*.dpmsrv.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-02-09` - `2023-05-10`	3 months	crt.sh
api.42chat.com R3	`2023-03-12` - `2023-06-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
app.42chat.com R3	`2023-03-12` - `2023-06-10`	3 months	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-02-27` - `2023-12-14`	10 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Frame ID: 7EFBFDDE987B47C210E5747F7627A1C8
Requests: 71 HTTP requests in this frame

Frame: https://sample.dragonforms.com/NCBShowAttendeeInquiry
Frame ID: AEE8157A5F9F544693DDDE7E445256D3
Requests: 1 HTTP requests in this frame

Frame: https://www.barandrestaurantexpo.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680192000
Frame ID: EF17B556C37E5E2C6CB51CB66AD044A7
Requests: 3 HTTP requests in this frame

Frame: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry
Frame ID: 0AA61151D46D63DFB7DE70BCC0033E89
Requests: 26 HTTP requests in this frame

Frame: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button
Frame ID: 81C93495F45FF1765C0BBB7FAC6E43FF
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 55AF09D2E8227FEAADA7CA4DA1970A31
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: EE00275A22D593B733AA7D35F18F5FF5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Attendee Inquiry | Bar & Restaurant Expo (Ncb Show)

Page URL History Show full URLs

https://qtx.omeclk.com/portal/wts/ucmcmQ6d7%3B2ba%3Bkxcy%7CPec%7CreFogcsqHZynce~jmm HTTP 302
https://www.barandrestaurantexpo.com/attendee-inquiry?utm_source=email&utm_medium=email&utm_campaign=BR-Show-NCB+... HTTP 301
https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

121
Requests

95 %
HTTPS

47 %
IPv6

29
Domains

43
Subdomains

42
IPs

6
Countries

2583 kB
Transfer

7527 kB
Size

28
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://barandrestaurant.com/
Title: Bar & Restaurant

Search URL Search Domain Scan URL

URL: https://www.vibeconference.com/
Title: VIBE

Search URL Search Domain Scan URL

URL: https://www.worldteanews.com/
Title: World Tea News

Search URL Search Domain Scan URL

URL: https://worldteaexpo.com/
Title: World Tea Expo

Search URL Search Domain Scan URL

URL: https://worldteaacademy.com/
Title: World Tea Academy

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/bar-restaurant-expo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/barandrestaurantexpo/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/barandrestaurantexpo

Search URL Search Domain Scan URL

URL: https://barrestaurantexpo2023a.sched.com//directory/speakers?iframe=yes&w=100%25&sidebar=yes&bg=no
Title: Speakers

Search URL Search Domain Scan URL

URL: https://s36.a2zinc.net/clients/Questex/br2023/Public/eventmap.aspx
Title: 2023 Exhibitors

Search URL Search Domain Scan URL

URL: https://pages.questexinfo.com/br-bresponsorinterest-4062022/
Title: Sponsorship & Booth Inquiry

Search URL Search Domain Scan URL

URL: https://pages.questexinfo.com/barandrestaurant-2022mediakit/
Title: Download Prospectus

Search URL Search Domain Scan URL

URL: https://s36.a2zinc.net/clients/Questex/br2023/Public/eventmap.aspx?shMode=E
Title: 2023 Floor Plan

Search URL Search Domain Scan URL

URL: https://www.ncbshow.com/ncbshow-press
Title: Press Releases

Search URL Search Domain Scan URL

URL: https://www.barandrestaurant.com/
Title: Industry News

Search URL Search Domain Scan URL

URL: https://barandrestaurant.questexinfo.com/BR_full
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://www.vibeconference.com/
Title: VIBE Conference

Search URL Search Domain Scan URL

URL: https://www.worldteaexpo.com/
Title: World Tea Conference & Expo

Search URL Search Domain Scan URL

URL: https://questex.com/

Search URL Search Domain Scan URL

URL: https://questex.com/terms-and-conditions/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://questex.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qtx.omeclk.com/portal/wts/ucmcmQ6d7%3B2ba%3Bkxcy%7CPec%7CreFogcsqHZynce~jmm HTTP 302
https://www.barandrestaurantexpo.com/attendee-inquiry?utm_source=email&utm_medium=email&utm_campaign=BR-Show-NCB+Show+-+Attendee&oly_enc_id=8131F8723101I3C HTTP 301
https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://sample.dragonforms.com/NCBShowAttendeeInquiry HTTP 302
https://sample.dragonforms.com/init.do?omedasite=NCBShowAttendeeInquiry

Request Chain 37

https://rdcdn.com/rt?aid=19932&e=1&img=1 HTTP 302
https://rdcdn.com/eow HTTP 302
https://rdcdn.com/images/blank.gif

Request Chain 46

https://s.adroll.com/j/exp/CWY4JBC5CVDIRM67POBB3F/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 47

https://s.adroll.com/j/pre/CWY4JBC5CVDIRM67POBB3F/RNLI6UCEQFGR3ECWZBVC7S/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 55

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D913%26pixelIndex%3D0%26r%3D453388%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.barandrestaurantexpo.com%252Fncbshow-attendee-inquiry%253Foly_enc_id%253D8131F8723101I3C HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D913%2526pixelIndex%253D0%2526r%253D453388%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.barandrestaurantexpo.com%25252Fncbshow-attendee-inquiry%25253Foly_enc_id%25253D8131F8723101I3C HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=4008916930970794437&zn=&sn=&q=xImp&v=1.x&cl=913&pixelIndex=0&r=453388&tzOffset=0&url=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=4008916930970794437&pixelIndex=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=4008916930970794437&pixelIndex=0&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=4008916930970794437&pixelIndex=0&google_gid=CAESELG-iQ4cAQDoMXEtFdxDC2A&google_cver=1

121 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ncbshow-attendee-inquiry Show response
www.barandrestaurantexpo.com/
Redirect Chain

https://qtx.omeclk.com/portal/wts/ucmcmQ6d7%3B2ba%3Bkxcy%7CPec%7CreFogcsqHZynce~jmm
https://www.barandrestaurantexpo.com/attendee-inquiry?utm_source=email&utm_medium=email&utm_campaign=BR-Show-NCB+Show+-+Attendee&oly_enc_id=8131F8723101I3C
https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

320 KB
59 KB

1047ms
1047ms

Document
text/html

2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e53ce26eb3ec43821e8a08d41ce762e23f4e6690bbf8006ef8361edf5413e88

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.qtx.dev https://.dev.qtxquartz.com https://.stage.qtxquartz.com https://www.fiercewireless.com https://www.fiercetelecom.com https://sample.dragonforms.com https://.questexinfo.com http://resources.questex.com https://resources.questex.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: max-age=31536000, public
cf-cache-status: DYNAMIC
cf-ray: 7b02d232edd039bc-FRA
content-encoding: br
content-language: en
content-security-policy: frame-ancestors 'self' https://*.qtx.dev https://*.dev.qtxquartz.com https://*.stage.qtxquartz.com https://www.fiercewireless.com https://www.fiercetelecom.com https://sample.dragonforms.com https://*.questexinfo.com http://resources.questex.com https://resources.questex.com
content-type: text/html; charset=UTF-8
date: Thu, 30 Mar 2023 19:39:53 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 30 Mar 2023 19:39:52 GMT
link: <https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry>; rel="canonical"
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie,Accept-Encoding,Host
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: UNCACHEABLE
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-a3fadb6c-cf32-11ed-b9a5-af9816c8e5a2
x-ua-compatible: IE=edge

Redirect headers

age: 0
cache-control: max-age=900, public
cf-cache-status: DYNAMIC
cf-ray: 7b02d22f3f5139bc-FRA
content-language: en
content-security-policy: frame-ancestors 'self' https://*.qtx.dev https://*.dev.qtxquartz.com https://*.stage.qtxquartz.com https://www.fiercewireless.com https://www.fiercetelecom.com https://sample.dragonforms.com https://*.questexinfo.com http://resources.questex.com https://resources.questex.com
content-type: text/html; charset=UTF-8
date: Thu, 30 Mar 2023 19:39:52 GMT
location: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Host
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-cache: MISS
x-generator: Drupal 9 (https://www.drupal.org)
x-redirect-id: 271
x-request-id: v-a3a0bc22-cf32-11ed-8ca4-fb744af88688
x-ua-compatible: IE=edge

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
64 KB 46ms
23ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3H4VH

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a3b80b96b6c5a3b2a37fffda85e15962cca8e839fb8b833b9a42e650f4bdc14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64741
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Mar 2023 19:39:53 GMT

GET NCBShowAttendeeInquiry
sample.dragonforms.com/ Frame AEE8 0
0

GET
H/1.1 200
OK BRE+Color+Nav-Only+Logo.V4.svg
s3.amazonaws.com/publicdesign.qtxasset.com/Branding+Portal/Hospitality/BRE/Logo/ 6 KB
6 KB 339ms
144ms Image
image/svg+xml 52.217.43.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/publicdesign.qtxasset.com/Branding+Portal/Hospitality/BRE/Logo/BRE+Color+Nav-Only+Logo.V4.svg
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.86 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b148ff3b1ef039e438c8a5d50cb5b35d7dec9089221962748845d5c256bc4360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:39:54 GMT
Last-Modified: Fri, 03 Mar 2023 18:02:51 GMT
Server: AmazonS3
x-amz-request-id: 74SAAS95PVVG5YSP
ETag: "465f610de88c291e18637948d8f75229"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5681
x-amz-id-2: K9cbKnU0AK0TJMBaB1H0QoCtBkVwtf3yTGU6dl8IevO8IGtTiPm24BLVvcd2u3ijmKfqpRceocI=

GET
H2 200 bars-regular.svg
www.barandrestaurantexpo.com/themes/custom/quartz_barrio/images/icons/ 602 B
513 B 25ms
24ms Image
image/svg+xml 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.barandrestaurantexpo.com/themes/custom/quartz_barrio/images/icons/bars-regular.svg

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19227206dcb0452526fb83a3d90146664cbd2ae14956a3e8b320b811bf4a497b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 330488
x-cache: MISS
x-ah-environment: prod
x-request-id: v-7918f9f4-c8c2-11ed-a2c5-d3880bf838f6
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7b02d23a394639bc-FRA
expires: Wed, 05 Apr 2023 15:01:49 GMT

GET
H2 200 xmark-solid.svg
www.barandrestaurantexpo.com/themes/custom/quartz_barrio/images/icons/ 618 B
500 B 26ms
26ms Image
image/svg+xml 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.barandrestaurantexpo.com/themes/custom/quartz_barrio/images/icons/xmark-solid.svg

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d007a16fea412648315d74a76b8878080bd98ce66a0272ace8c3043a9c4002e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 330488
x-cache: MISS
x-ah-environment: prod
x-request-id: v-d044a870-c1c1-11ed-ad45-ffaf6afd665e
last-modified: Wed, 08 Mar 2023 13:59:32 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7b02d23a394939bc-FRA
expires: Mon, 27 Mar 2023 17:09:28 GMT

GET
H/1.1 200
OK BRE+Color+Nav-Only+Logo.V3.svg
s3.amazonaws.com/publicdesign.qtxasset.com/Branding+Portal/Hospitality/BRE/Logo/ 7 KB
8 KB 336ms
137ms Image
image/svg+xml 52.217.43.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/publicdesign.qtxasset.com/Branding+Portal/Hospitality/BRE/Logo/BRE+Color+Nav-Only+Logo.V3.svg
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.86 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b4eeaf2d2acecd8f96cce59594c99a0d2bdfb349be8e46023bf0b349734d4fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:39:54 GMT
Last-Modified: Mon, 19 Dec 2022 23:08:30 GMT
Server: AmazonS3
x-amz-request-id: 74S5X4EDRW7H63VQ
ETag: "7fa92f4438540f38afe3c3bba04c78b2"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 7500
x-amz-id-2: WDhMBDq9FouAhzSUFObe8pXy2hd/mVJDaQBAMPunrraP154RirVm8I7uyrYahu2usU2JkzMIGlA=

GET
H2 200 js_6U_U4TtpvwCwSaqMNtSnXG8qe6WcITJiAWIfacPkdOE.js Show response
www.barandrestaurantexpo.com/sites/qcloud1/files/js/ 8 KB
2 KB 23ms
23ms Script
text/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/sites/qcloud1/files/js/js_6U_U4TtpvwCwSaqMNtSnXG8qe6WcITJiAWIfacPkdOE.js

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94fd4e13b69bf00b049aa8c36d4a75c6f2a7ba59c21326201621f69c3e474e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312803
x-cache: MISS
x-ah-environment: prod
x-request-id: v-79a33f8a-c906-11ed-97e6-b34b4fe62bdb
last-modified: Thu, 16 Mar 2023 22:28:24 GMT
server: cloudflare
vary: Host,Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a394339bc-FRA
expires: Wed, 05 Apr 2023 23:08:36 GMT

GET
H2 200 runtime.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 2 KB
1010 B 27ms
24ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/runtime.js?v=c4865faa05e299bb

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf4fe1515892c71cdd95f5c6eb3a9cc0aa4ad0a93247c9a6e971bf6f169f53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 330488
x-cache: MISS
x-ah-environment: prod
x-request-id: v-663ea824-c84a-11ed-a0fb-9f2579301f44
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a394c39bc-FRA
expires: Wed, 05 Apr 2023 00:42:18 GMT

GET
H2 200 vendor-runtime-core.esm-bundler.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 65 KB
24 KB 43ms
40ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/vendor-runtime-core.esm-bundler.js?v=c4865faa05e299bb

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b868b7019b9619667a195de7bfa9663030a4f89f0022b20f1c96a531b3e4f690

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312803
x-cache: MISS
x-ah-environment: prod
x-request-id: v-dc068bba-c44b-11ed-a540-23b875cad1a9
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a395439bc-FRA
expires: Thu, 30 Mar 2023 22:42:41 GMT

GET
H2 200 vendor-compiler-core.esm-bundler.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 53 KB
19 KB 37ms
34ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/vendor-compiler-core.esm-bundler.js?v=c4865faa05e299bb

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11bf5a5404a37fdb74bf869390ee11395edc1058178f8b9136fc6a3ecd1695a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 330487
x-cache: MISS
x-ah-environment: prod
x-request-id: v-5350333c-c84e-11ed-b2dc-ef8ba0e989bd
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a395739bc-FRA
expires: Wed, 05 Apr 2023 01:10:24 GMT

GET
H2 200 vendor-runtime-dom.esm-bundler.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 29 KB
10 KB 36ms
33ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/vendor-runtime-dom.esm-bundler.js?v=c4865faa05e299bb

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e721448de4149c59b99e49159d0b8be3557227c4f317c688d02ab5eafe5ce580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312803
x-cache: MISS
x-ah-environment: prod
x-request-id: v-485d88c4-c2e2-11ed-998d-f368542724ab
last-modified: Wed, 08 Mar 2023 13:59:32 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a395a39bc-FRA
expires: Wed, 29 Mar 2023 03:34:25 GMT

GET
H2 200 nodepage-0fae5a8d.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 54 KB
12 KB 31ms
28ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-0fae5a8d.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace736d21df52fe454e5b4cbf64761ef6d49030122edc8a19913bda47d6e6e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 836500
x-cache: MISS
x-ah-environment: prod
x-request-id: v-dc858848-c44b-11ed-88f4-7be2215225c7
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396039bc-FRA
expires: Thu, 30 Mar 2023 22:42:41 GMT

GET
H2 200 nodepage-46826cd4.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 24 KB
7 KB 35ms
33ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-46826cd4.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3055ee717951a938400fa6492cc054b29a8ad38b9cbdf762ffdc3c4fc9aa5034

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312803
x-cache: MISS
x-ah-environment: prod
x-request-id: v-53884c36-c84e-11ed-95ed-8fc9a90feab6
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396139bc-FRA
expires: Wed, 05 Apr 2023 01:10:25 GMT

GET
H2 200 nodepage-80f4f91d.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 89 KB
16 KB 38ms
36ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-80f4f91d.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3abbaed02cceb6c27823bac8382b8974fc7a8f458aaf83cc39aad641ac35286b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312803
x-cache: MISS
x-ah-environment: prod
x-request-id: v-df66f43e-c44b-11ed-984d-47ea37dc0409
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396339bc-FRA
expires: Thu, 30 Mar 2023 22:42:46 GMT

GET
H2 200 nodepage-8b39a80f.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 75 KB
16 KB 43ms
41ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-8b39a80f.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00201acca2ef59429d7e8b28c439635298171e8551af940ac6c5f2e756a14dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312803
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e220602a-c44b-11ed-a456-ef2deaf4db88
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396439bc-FRA
expires: Thu, 30 Mar 2023 22:42:51 GMT

GET
H2 200 nodepage-b8758156.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 34 KB
9 KB 39ms
37ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-b8758156.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48206d01d880c9954ef7c1b30c7f4f96b981a6e20ebf10cb96655ac687d334f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 836500
x-cache: MISS
x-ah-environment: prod
x-request-id: v-db09932e-c44b-11ed-917c-1716262fb8c4
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396539bc-FRA
expires: Thu, 30 Mar 2023 22:42:39 GMT

GET
H2 200 nodepage-cdd60c62.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 71 KB
24 KB 46ms
44ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-cdd60c62.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77c82cb2a18ecfa3a1b4735631d1f3b4ddfa01f68730c465b7ef324006d6f736

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312803
x-cache: MISS
x-ah-environment: prod
x-request-id: v-ddfb50fe-c44b-11ed-abb7-9b459c46e688
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396639bc-FRA
expires: Thu, 30 Mar 2023 22:42:44 GMT

GET
H2 200 nodepage-d0741da4.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 42 KB
11 KB 44ms
42ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-d0741da4.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e1d900ecb285de03248e30b27bafdd46bd3b979af73672acb4a922b0b297da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 325521
x-cache: MISS
x-ah-environment: prod
x-request-id: v-53af2a36-c84e-11ed-a8fd-13cf629d9f3a
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396739bc-FRA
expires: Wed, 05 Apr 2023 01:10:25 GMT

GET
H2 200 nodepage-d1084bb9.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 49 KB
12 KB 43ms
41ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-d1084bb9.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9916a41499f328edf5430fc2f1ab256f843b88620b331ee2612d1526dabccb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 330487
x-cache: MISS
x-ah-environment: prod
x-request-id: v-dfdda7aa-c44b-11ed-8cab-df2c0621ec2f
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396939bc-FRA
expires: Thu, 30 Mar 2023 22:42:47 GMT

GET
H2 200 nodepage-d1d7439a.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 69 KB
15 KB 44ms
42ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-d1d7439a.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

284208f9804a46c61e293f1e3f22e9fe58506daaad4f6fedb2a6dc55a7cf858a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312802
x-cache: MISS
x-ah-environment: prod
x-request-id: v-dd815600-c44b-11ed-a3a3-8faff363fc94
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396b39bc-FRA
expires: Thu, 30 Mar 2023 22:42:43 GMT

GET
H2 200 nodepage-de7f7043.js Show response
www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/ 27 KB
7 KB 39ms
38ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-de7f7043.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0875350d585feb71ec3f59c1109edf80dc94e90c99a1f40a835c27d8476c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 552816
x-cache: MISS
x-ah-environment: prod
x-request-id: v-79192e10-c8c2-11ed-926c-2f6af7860680
last-modified: Thu, 16 Mar 2023 22:22:54 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a396d39bc-FRA
expires: Wed, 05 Apr 2023 15:01:49 GMT

GET
H2 200 js_OnC1_WVdswDC4FYPBZX7yVhu2-Ssn8zvOkVDdDmzipk.js Show response
www.barandrestaurantexpo.com/sites/qcloud1/files/js/ 3 KB
1 KB 38ms
36ms Script
text/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/sites/qcloud1/files/js/js_OnC1_WVdswDC4FYPBZX7yVhu2-Ssn8zvOkVDdDmzipk.js

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a70b5fd655db300c2e0560f0595fbc9586edbe4ac9fccef3a45437439b38a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8841
x-cache: MISS
x-ah-environment: prod
x-request-id: v-5a7ac29a-bee8-11ed-b3ec-839ca1b60fc4
last-modified: Thu, 16 Feb 2023 23:32:56 GMT
server: cloudflare
vary: Host,Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 7b02d23a394d39bc-FRA
expires: Fri, 07 Apr 2023 03:14:52 GMT

GET
H2 200 css_cIzjQtGQ-jAAH97_-V5tW0NROSuOzej78Bfjf0qK4UQ.css
www.barandrestaurantexpo.com/sites/qcloud1/files/css/ 176 KB
33 KB 31ms
30ms Stylesheet
text/css 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/sites/qcloud1/files/css/css_cIzjQtGQ-jAAH97_-V5tW0NROSuOzej78Bfjf0qK4UQ.css

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

708ce342d190fa30001fdefff95e6d5b4351392b8ecde8fbf017e37f4a8ae144

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8841
x-cache: MISS
x-ah-environment: prod
x-request-id: v-e7e1741e-b95a-11ed-a972-e3e46ac96bda
last-modified: Thu, 02 Mar 2023 23:14:10 GMT
server: cloudflare
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 7b02d23a394e39bc-FRA
expires: Wed, 05 Apr 2023 01:38:38 GMT

GET
H2 200 css_I2HMw5FoenjGlqMvYJjKbCqACl_KJNAgmnPizaFkE14.css
www.barandrestaurantexpo.com/sites/qcloud1/files/css/ 103 KB
16 KB 26ms
24ms Stylesheet
text/css 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/sites/qcloud1/files/css/css_I2HMw5FoenjGlqMvYJjKbCqACl_KJNAgmnPizaFkE14.css

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2361ccc391687a78c696a32f6098ca6c2a800a5fca24d0209a73e2cda164135e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 312803
x-cache: MISS
x-ah-environment: prod
x-request-id: v-c9301196-c9aa-11ed-9e2f-4b05da7de48e
last-modified: Thu, 16 Mar 2023 22:28:24 GMT
server: cloudflare
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 7b02d23a395239bc-FRA
expires: Thu, 06 Apr 2023 18:44:47 GMT

GET
H2 200 invisible.js Show response
www.barandrestaurantexpo.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame EF17 28 KB
12 KB 16ms
16ms Script
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barandrestaurantexpo.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680192000
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0bc360c62421f0f9c14fa1cb49edfc5a8cd449fb3a81362485e6fd84dfaced

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b02d23aba0d39bc-FRA

GET
H2 200 d5f8d0e5-c190-4d59-a221-d9beefe4662e Show response
www.barandrestaurantexpo.com/jsonapi/block_content/hero_text_card/ 8 KB
2 KB 123ms
122ms XHR
application/json 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/jsonapi/block_content/hero_text_card/d5f8d0e5-c190-4d59-a221-d9beefe4662e?include=field_background_image,field_background_image.field_media_image,field_focal_image,field_sponsored_logo,field_sponsored_logo_2,field_sponsored_logo_3&fields[media--image]=field_media_image&fields[file--file]=uri,filemime,filename

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/nodepage-cdd60c62.js?v=a64fabacb34e036a4c4c43a85a13a909a0a6c1e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af8fea1000c19b8aa1bc59a5cf1f98110b3237e6d38595dc8b50db7f7560898

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.qtx.dev https://.dev.qtxquartz.com https://.stage.qtxquartz.com https://www.fiercewireless.com https://www.fiercetelecom.com https://sample.dragonforms.com https://.questexinfo.com http://resources.questex.com https://resources.questex.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Sun, 19 Nov 1978 05:00:00 GMT
date: Thu, 30 Mar 2023 19:39:53 GMT
content-security-policy: frame-ancestors 'self' https://*.qtx.dev https://*.dev.qtxquartz.com https://*.stage.qtxquartz.com https://www.fiercewireless.com https://www.fiercetelecom.com https://sample.dragonforms.com https://*.questexinfo.com http://resources.questex.com https://resources.questex.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: varnish
cf-cache-status: DYNAMIC
age: 16480
content-encoding: br
x-cache: HIT
x-drupal-dynamic-cache: MISS
x-ah-environment: prod
x-request-id: v-4532e79e-cf0c-11ed-851f-6b5244a886a8
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Mar 2023 15:05:12 GMT
server: cloudflare
etag: W/"1680188712-gzip"
vary: Cookie,Accept-Encoding,Host
content-language: en
content-type: application/json
x-generator: Drupal 9 (https://www.drupal.org)
cache-control: max-age=31536000, public
cf-ray: 7b02d23b1a8739bc-FRA
x-drupal-cache: MISS
x-cache-hits: 170

GET
H/1.1

200

init.do Show response
sample.dragonforms.com/ Frame 0AA6
Redirect Chain

https://sample.dragonforms.com/NCBShowAttendeeInquiry
https://sample.dragonforms.com/init.do?omedasite=NCBShowAttendeeInquiry

283 B
673 B

117ms
117ms

Document
text/html

204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sample.dragonforms.com/init.do?omedasite=NCBShowAttendeeInquiry

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/modules/custom/quartz_apifirst/compiled/vendor-runtime-dom.esm-bundler.js?v=c4865faa05e299bb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

6655788c8c36780219c91b35f1a5ce49493bd5fc8771a4140d58aa61744e02e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 30 Mar 2023 19:40:01 GMT
Keep-Alive: timeout=5
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 30 Mar 2023 19:40:01 GMT
Keep-Alive: timeout=5
Location: init.do?omedasite=NCBShowAttendeeInquiry
Server: Apache

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3H4VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 18:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5682
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 30 Mar 2023 20:05:11 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 57 KB
19 KB 62ms
9ms Script
text/javascript 2600:9000:225e:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3H4VH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18935a832b69ea403b52af69de326274747cd437fdfb7033ee5b9dae7c25a096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: EySIR6cncYQh2iJlgW8YC46xyW8nrJXm
Content-Encoding: gzip
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Date: Thu, 30 Mar 2023 18:53:02 GMT
Age: 2816
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 13:46:26 GMT
Server: AmazonS3
Etag: W/"6958f0e4318cc01821cd9665c1ed4bb8"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Up0Fa3DpnJHwEGScDHpg_37Zv3i1mqs3WMn99oKF_FklUB9WvCkjDA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 37ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 30 Mar 2023 19:39:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /kAF6Ox1DOAyeWtMSMxB5djT9bTmQGlD99cDRNgoBA2TfvF8dVewM9//mZsdgt0tKQ2rI1/IPaTJCmSnQskjzA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 61fc374c3cd9cc001d9837d3 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 191ms
170ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/61fc374c3cd9cc001d9837d3

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

782b6ef922b6a0ae225921232d97a7472064deae5e4a48a66adc1c5717a965af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7b02d23b5f6c5b38-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 247 KB
68 KB 59ms
16ms Script
application/javascript 2600:9000:223c:e400:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:e400:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1f7146430cd7b473637f971f7d064ea81ded6ce4ba761c84713e98949859fc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1280
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Feb 2023 21:19:16 GMT
server: Apache
etag: W/"252900-1676409556000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: BTGwnu-bEFuP4doTOd6f3e5zKTR-gK3H8t51YYraARazQKzgiQwllQ==
expires: Fri, 24 Mar 2023 07:12:45 GMT

GET
H2 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
29 KB 51ms
9ms Stylesheet
text/css 2600:9000:223c:e400:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3H4VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:e400:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 15:29:28 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P2
age: 15031
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 27 Aug 2021 04:05:28 GMT
server: Apache
etag: W/"28820-1630037128000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: gaQW798F8OjUewH-Q9bOBYmHlV8R5ePRP-7aUvNrdEh_5tx_R5Nezw==
expires: Mon, 27 Mar 2023 15:29:09 GMT

GET
H/1.1 200
OK dpm_fa5b7e293127b3837c39f7fbd05598f32c8ce1c9.min.js Show response
s.dpmsrv.com/ 65 KB
14 KB 100ms
16ms Script
application/x-javascript 13.32.99.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_fa5b7e293127b3837c39f7fbd05598f32c8ce1c9.min.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58c67a1bf42a9099df20fd93e63eaee29f297e26e0c419f53ce390063243a5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 13:11:40 GMT
Content-Encoding: gzip
Via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Mar 2023 16:10:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 23294
x-amz-server-side-encryption: AES256
ETag: "2737dedee803f9ba69dec5c150563a96"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13464
X-Amz-Cf-Id: ZnAM0e7JxTXje3J7crVs40qpyobe1KFNHOC3HCFOLOyOIP4ASs9vkg==

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 277ms
8ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?3022023
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:26:19 GMT
content-encoding: br
age: 814
x-guploader-uploadid: ADPycdsdgv2muZ1MGbInpXxAf6Yg49QqnFeQrzeHmY56_pZE2OGZN0Zfwk1M__vQC5qusiWhw_-yx6lNvmOP9gn5b27XXkwQizDx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10473
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
etag: W/"fe36d3317b1b052708eb2260e253aa63"
vary: Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: none

GET
H/1.1 200
OK 638fcc82b01c28007ab696e4 Show response
api.42chat.com/api/messenger/event/ 1 KB
2 KB 348ms
97ms Script
application/javascript 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.42chat.com/api/messenger/event/638fcc82b01c28007ab696e4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3H4VH

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

a6e832038d5d663b1cd976e1533fd2b70b3cc655f9084d3b1690109797ea20bf

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' 'unsafe-inline' .42chat.com wss://.42chat.com .amazonaws.com;font-src 'self' 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com data:;frame-src 'self' 'unsafe-inline' js.stripe.com .42chat.com;img-src 'self' 'unsafe-inline' data: s.gravatar.com i1.wp.com .42chat.com .amazonaws.com;script-src 'self' 'unsafe-inline' js.stripe.com https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.6.347/pdf.worker.min.js;style-src 'self' 'unsafe-inline' fonts.googleapis.com;default-src 'self';base-uri 'self';block-all-mixed-content;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' 'unsafe-inline' *.42chat.com wss://*.42chat.com *.amazonaws.com;font-src 'self' 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com data:;frame-src 'self' 'unsafe-inline' js.stripe.com *.42chat.com;img-src 'self' 'unsafe-inline' data: s.gravatar.com i1.wp.com *.42chat.com *.amazonaws.com;script-src 'self' 'unsafe-inline' js.stripe.com https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.6.347/pdf.worker.min.js;style-src 'self' 'unsafe-inline' fonts.googleapis.com;default-src 'self';base-uri 'self';block-all-mixed-content;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 30 Mar 2023 19:39:53 GMT
Via: 1.1 vegur
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1128
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
Etag: W/"468-IHl8ACNgONZPMAS2N8Oc/VIX2Pw"
Expect-Ct: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=utf-8
Feature-Policy: camera
Access-Control-Allow-Credentials: true

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
81 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DWK06SRPJT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3H4VH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c5757839df7d5eec5903e484fe812563219318f1fcc739ac9a595913b980c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Mar 2023 19:39:53 GMT

GET
H2

200

blank.gif
rdcdn.com/images/
Redirect Chain

https://rdcdn.com/rt?aid=19932&e=1&img=1
https://rdcdn.com/eow
https://rdcdn.com/images/blank.gif

42 B
199 B

224ms
224ms

Image
image/gif

52.202.208.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdcdn.com/images/blank.gif
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Server: 52.202.208.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-208-11.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:54 GMT
last-modified: Thu, 23 Dec 2021 21:40:20 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "ec522af45f8d71:0"
content-length: 42
content-type: image/gif

Redirect headers

date: Thu, 30 Mar 2023 19:39:54 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/html; charset=utf-8
location: https://rdcdn.com/images/blank.gif
cache-control: private
content-length: 151

GET
H2 200 pica.js
www.barandrestaurantexpo.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame EF17 7 KB
3 KB 18ms
18ms Other
application/javascript 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barandrestaurantexpo.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7be1cd252a4c093b2b2e13c873dd21c50357472323b5dc4918206859622f6d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b02d23b4ae239bc-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
219 B 17ms
17ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=383927828&t=pageview&_s=1&dl=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C&ul=en-us&de=UTF-8&dt=Attendee%20Inquiry%20%7C%20Bar%20%26%20Restaurant%20Expo%20(Ncb%20Show)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=996464540&gjid=1306956224&cid=1960682202.1680205194&tid=UA-9813260-1&_gid=1809883996.1680205194&_r=1&_slc=1&gtm=45He33r0n71M3H4VH&z=1406632958

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 19:39:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.barandrestaurantexpo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
264 B 58ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DWK06SRPJT&gtm=45je33r0&_p=383927828&cid=1960682202.1680205194&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680205193&sct=1&seg=0&dl=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C&dt=Attendee%20Inquiry%20%7C%20Bar%20%26%20Restaurant%20Expo%20(Ncb%20Show)&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DWK06SRPJT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 19:39:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.barandrestaurantexpo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1366140510424167 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 151ms
151ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1366140510424167?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f22d8133a88aeafb897792e374d2dcdd0aee7db80027bcb3185c47e246b6386f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 30 Mar 2023 19:39:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cJeDzDQ8mO69Dis9czEI4fq3JM2UI72LsTAvvFcUOBl0Y9CRhHKfYrlP7hEcgjZFPi96jcafmhnBUhnlhgMIlQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 7b02d232edd039bc Show response
www.barandrestaurantexpo.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame EF17 2 B
322 B 49ms
49ms XHR
text/plain 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.barandrestaurantexpo.com/cdn-cgi/challenge-platform/h/b/cv/result/7b02d232edd039bc
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680192000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
content-encoding: br
server: cloudflare
cf-ray: 7b02d23d7e9b39bc-FRA
content-type: text/plain; charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
356 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9813260-1&cid=1960682202.1680205194&jid=996464540&gjid=1306956224&_gid=1809883996.1680205194&_u=YGBACAAABAAAAC~&z=165981951

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 30 Mar 2023 19:39:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.barandrestaurantexpo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 BRE21%20Halftone%20BG-01.png
qtxasset.com/cdn-cgi/image/w=1920,h=1080,f=auto,fit=crop,g=0.5x0.5,quality=80/https://qtxasset.com/quartz/qcloud1/media/image/ 347 KB
348 KB 166ms
128ms Image
image/webp 104.16.93.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qtxasset.com/cdn-cgi/image/w=1920,h=1080,f=auto,fit=crop,g=0.5x0.5,quality=80/https://qtxasset.com/quartz/qcloud1/media/image/BRE21%20Halftone%20BG-01.png?VersionId=xjm0sc9lpAoUIWLP4Qr2rEWAW9Dd4RrB

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.93.165 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9539f56b911e59702ab92b6f6cb294f9cadf3c5efcbcfc137c7f0c6e7c915220

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:54 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 355634
cf-resized: internal=ok/h q=0 n=14+285 c=0+0 v=2023.3.5 l=355634
last-modified: Tue, 29 Jun 2021 19:18:48 GMT
cf-bgj: imgq:81,h2pri
server: cloudflare
etag: "cfu2eI1BP1wQlAPs4F74Mtrlt-ZDqhXWraxdkFXLQpDQ:4ce10f03024b4538fb88ee644d676173"
vary: Accept, Accept-Encoding
warning: cf-images 299 "image too large for AVIF"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b02d23dc9809b76-FRA

GET
H2 200 fa-solid-900.woff2
www.barandrestaurantexpo.com/libraries/fontawesome/webfonts/ 134 KB
134 KB 32ms
32ms Font
text/plain 2606:4700::6811:d834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barandrestaurantexpo.com/libraries/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/sites/qcloud1/files/css/css_cIzjQtGQ-jAAH97_-V5tW0NROSuOzej78Bfjf0qK4UQ.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d834 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa87d17ddaa5c7f3bc99debd919894681e2f1852f018ea99a28c77df59064dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.barandrestaurantexpo.com/sites/qcloud1/files/css/css_cIzjQtGQ-jAAH97_-V5tW0NROSuOzej78Bfjf0qK4UQ.css
Origin: https://www.barandrestaurantexpo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 218285
x-cache: MISS
x-ah-environment: prod
content-length: 136824
x-request-id: v-aa8a5d18-c9f1-11ed-8e6c-739c5ba7ad93
last-modified: Thu, 16 Mar 2023 22:22:53 GMT
server: cloudflare
vary: Host, Accept-Encoding
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7b02d23d9ede39bc-FRA
expires: Fri, 07 Apr 2023 03:12:10 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/CWY4JBC5CVDIRM67POBB3F/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

10ms
9ms

Script
application/javascript

2600:9000:225e:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: HTTP/1.1
Server: 2600:9000:225e:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Thu, 30 Mar 2023 15:40:38 GMT
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Age: 14358
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 12OWtGgHUH_EpFIYGAioVyNKve5p3keVRzwuehm8ThZyecN3KfQsMQ==

Redirect headers

Date: Thu, 30 Mar 2023 01:18:31 GMT
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Age: 66081
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: W4D8MDNKqvIw3ylK-l-gAnR8bnTzW5UFzY2nuqvVME7OTkb9fWTT9g==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/CWY4JBC5CVDIRM67POBB3F/RNLI6UCEQFGR3ECWZBVC7S/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

8ms
8ms

Script
application/javascript

2600:9000:225e:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: HTTP/1.1
Server: 2600:9000:225e:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Thu, 30 Mar 2023 18:45:24 GMT
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Age: 3905
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 9PVd3yL4iJLzy7MdpgbaLfEvDonh79niuQcQRf5PBFsHAjeUKp4eQA==

Redirect headers

Date: Thu, 30 Mar 2023 01:18:31 GMT
Via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
Age: 66081
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: TffCvFheiptqVETl6JdVoe1bgtexamA3OjuSRzcFDXvopEmfipZmxw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/CWY4JBC5CVDIRM67POBB3F/RNLI6UCEQFGR3ECWZBVC7S/ 4 KB
3 KB 29ms
14ms Script
text/javascript 2600:9000:225e:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/CWY4JBC5CVDIRM67POBB3F/RNLI6UCEQFGR3ECWZBVC7S/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: yJPgPV5K9.ilUFh8SuvzZFwaYEVDSeX_
Content-Encoding: gzip
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Date: Thu, 30 Mar 2023 19:02:59 GMT
Age: 2215
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 02:50:04 GMT
Server: AmazonS3
Etag: W/"a7bb70ece1e3f0f3879dcfca4857a770"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: qZCaoYdOi-BdV21ITfaS19iBD72QEs9AFK6_b3OG_E0xHIxb3gQxEA==

GET
H2 200 NCB21%20BRE%20Evolution%20Form%20Focal.V2.jpg
qtxasset.com/cdn-cgi/image/w=550,h=550,f=auto,fit=crop,g=0.5x0.5/https://qtxasset.com/quartz/qcloud1/2021-06-event-focal-image/ 55 KB
55 KB 165ms
137ms Image
image/avif 104.16.93.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qtxasset.com/cdn-cgi/image/w=550,h=550,f=auto,fit=crop,g=0.5x0.5/https://qtxasset.com/quartz/qcloud1/2021-06-event-focal-image/NCB21%20BRE%20Evolution%20Form%20Focal.V2.jpg?VersionId=ZRA4QGDOi3J70.9RnAL25LbAyhT7srs1

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.93.165 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84784cb8395cdfd137a0ccc6706e4fc102639e37951c424da7e86f8b319d3356

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:54 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56561
cf-resized: internal=ok/h q=0 n=25+189 c=0+0 v=2023.3.5 l=56561
last-modified: Wed, 30 Jun 2021 19:52:10 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cftedcf1YYUUZ2J69V50BzNOE2uaCbhEzf6_eZXfGeDQ:c5089a802990a60caf1c57cc5be8afca"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b02d23dc9829b76-FRA

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 509ms
121ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.barandrestaurantexpo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Thu, 30 Mar 2023 19:39:54 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 630ms
124ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.barandrestaurantexpo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Thu, 30 Mar 2023 19:39:54 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
354 B 249ms
124ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 30 Mar 2023 19:39:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 126ms
95ms Fetch
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48144
x-xss-protection: 0
server: cafe
etag: 360687107489544033
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 19:39:53 GMT

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
354 B 248ms
135ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 30 Mar 2023 19:39:54 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D913%26pixelIndex%3D0%26r%3D453388%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww....
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D913%2526pixelIndex%253D0%2526r%25...
https://a.dpmsrv.com/dpmpxl/index.php?id=4008916930970794437&zn=&sn=&q=xImp&v=1.x&cl=913&pixelIndex=0&r=453388&tzOffset=0&url=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3...

245 B
994 B

439ms
93ms

Script
text/javascript

54.235.106.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=4008916930970794437&zn=&sn=&q=xImp&v=1.x&cl=913&pixelIndex=0&r=453388&tzOffset=0&url=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: HTTP/1.1
Server: 54.235.106.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-106-154.compute-1.amazonaws.com
Software: /
Resource Hash: edb9caffbf5fbc8ac4c1e41bcfb9aaf2168c917efb05440b8d2ff2a0926e7f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 215
Expires: 0

Redirect headers

Date: Thu, 30 Mar 2023 19:39:53 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 05bfbd17-4f44-4167-8c63-a59986ed3eb5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=4008916930970794437&zn=&sn=&q=xImp&v=1.x&cl=913&pixelIndex=0&r=453388&tzOffset=0&url=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK chatbot Show response
app.42chat.com/ Frame 81C9 577 B
2 KB 317ms
93ms Document
text/html 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button

Requested by

Host: api.42chat.com
URL: https://api.42chat.com/api/messenger/event/638fcc82b01c28007ab696e4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-204-238-15.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e108a05b9e38dd48e054836c9310dec58bd4f9339132534b2fd06ad9e7ef767f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' 'unsafe-inline' .42chat.com wss://.42chat.com .datadoghq.com .amazonaws.com https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.6.347/pdf.worker.min.js;font-src 'self' 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com data:;frame-src 'self' 'unsafe-inline' js.stripe.com .42chat.com portal-2.flatfile.io https://excon-shell-prod.web.app/;img-src 'self' 'unsafe-inline' data: s.gravatar.com i1.wp.com i0.wp.com .42chat.com .amazonaws.com;script-src 'self' 'unsafe-inline' js.stripe.com .42chat.com https://unpkg.com/pdfjs-dist@2.12.313/build/pdf.worker.min.js blob:;style-src 'self' 'unsafe-inline' fonts.googleapis.com;frame-ancestors 'self' https://.42chat.com http://localhost:3000 ;default-src 'self';base-uri 'self';block-all-mixed-content;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 577
Content-Security-Policy: connect-src 'self' 'unsafe-inline' *.42chat.com wss://*.42chat.com *.datadoghq.com *.amazonaws.com https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.6.347/pdf.worker.min.js;font-src 'self' 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com data:;frame-src 'self' 'unsafe-inline' js.stripe.com *.42chat.com portal-2.flatfile.io https://excon-shell-prod.web.app/;img-src 'self' 'unsafe-inline' data: s.gravatar.com i1.wp.com i0.wp.com *.42chat.com *.amazonaws.com;script-src 'self' 'unsafe-inline' js.stripe.com *.42chat.com https://unpkg.com/pdfjs-dist@2.12.313/build/pdf.worker.min.js blob:;style-src 'self' 'unsafe-inline' fonts.googleapis.com;frame-ancestors 'self' https://*.42chat.com http://localhost:3000 *;default-src 'self';base-uri 'self';block-all-mixed-content;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Content-Type: text/html; charset=UTF-8
Date: Thu, 30 Mar 2023 19:39:54 GMT
Etag: W/"241-18710c9bbc8"
Last-Modified: Thu, 23 Mar 2023 23:24:29 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Cowboy
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
310 B 38ms
37ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=66459&ct=js&pi=&fp=undefined&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C&pv=1680205193894_q50ccbnzd&bl=en-us&cb=3465362&return=&ht=&d=&dc=&si=1680205193894_q50ccbnzd&cid=&s=1600x1200&rp=&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?3022023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Mar 2023 19:39:53 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 686ms
159ms Script
application/javascript 54.236.171.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=3022023&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?3022023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.171.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-171-84.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:39:53 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 31 Mar 2023 19:39:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 28ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1366140510424167&ev=PageView&dl=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C&rl=&if=false&ts=1680205193924&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680205193923.1019244242&it=1680205193556&coo=false&rqm=GET

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 30 Mar 2023 19:39:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 CWY4JBC5CVDIRM67POBB3F Show response
d.adroll.com/consent/check/ 453 B
547 B 104ms
32ms Script
application/javascript 2a05:d018:cc3:fe04:9ce8:2a91:ad50:9522
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/CWY4JBC5CVDIRM67POBB3F?pv=9236112949.099117&arrfrr=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C&_s=f73c3fce126bbdb25900819c7c4e7ce5&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:9ce8:2a91:ad50:9522 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ced39e172754e1211c4478375fb8fc22cca0368cd18c93c882f4f8255731af7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:54 GMT
server: nginx/1.22.1
content-length: 453
content-type: application/javascript

HEAD
H2 200 gpt.js
www.googletagservices.com/tag/js/ 0
0 109ms
73ms Fetch
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25737
x-xss-protection: 0
server: cafe
etag: 414 / 19446 / m202303270101 / config-hash: 4618862490447205413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 19:39:54 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 410 KB
55 KB 9ms
8ms Script
application/javascript 2600:9000:225e:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding: gzip
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Date: Thu, 30 Mar 2023 19:35:57 GMT
Age: 237
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
Server: AmazonS3
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: xNmTa3vnu9b6mlFCntEKSTRRNqdUeRfHfLoTfk4_f01yKSqRAJ4i9Q==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 10ms
10ms Image
image/png 2600:9000:225e:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Thu, 30 Mar 2023 19:31:35 GMT
Via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
Age: 566
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Ukiaiy9BITAO2ZileMjmLKOduhONt7Tr3Av9T1oTCRl8U78F5N7lhQ==

GET
H/1.1 200 spinner.gif
cdn.omeda.com/hosted/images/dragon/generic/ Frame 0AA6 9 KB
9 KB 1711ms
114ms Image
image/gif 205.162.42.5
QTS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.omeda.com/hosted/images/dragon/generic/spinner.gif

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/init.do?omedasite=NCBShowAttendeeInquiry

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.162.42.5 Overland Park, United States, ASN53866 (QTS-AS, US),

Reverse DNS

cdn.omeda.com

Software

Apache /

Resource Hash

056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:39:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Oct 2016 20:45:02 GMT
Server: Apache
ETag: W/"8851-1476132302920"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 81C9 2 KB
839 B 56ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Requested by

Host: app.42chat.com
URL: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

808f97075fc1233d487b23401e97c6c11fb39eb115ec0d9fc251ec09d9b2d5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 19:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 19:28:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 19:39:54 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame 81C9 569 B
441 B 56ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: app.42chat.com
URL: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 19:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 19:39:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 19:39:54 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 81C9 452 KB
109 KB 81ms
17ms Script
text/javascript 108.138.36.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.42chat.com
URL: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-74.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

aa904168958f38d568ada0afaaba8cbb92c29a64509dd1eb57268496026437d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 19:39:08 GMT
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 52
x-cache: Hit from cloudfront
last-modified: Thu, 30 Mar 2023 17:31:56 GMT
server: Cloudfront
etag: W/"28f399d12becb9c6ddd3d2d18762e9dd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: OdBS_XXDaVAiXuQQYjZ7lHqlReFh-ydxVa1QCS1B8pdlzhiO0HCJKg==

GET
H/1.1 200
OK main.0602b0ac18388535ce66.js Show response
app.42chat.com/ Frame 81C9 2 MB
707 KB 95ms
95ms Script
text/javascript 54.204.238.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.42chat.com/main.0602b0ac18388535ce66.js

Requested by

Host: app.42chat.com
URL: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-204-238-15.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

bd1c5acd3112e0f4c6db7b505200384911e8d87c3dcd6b318af034cc0db4cfc0

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' 'unsafe-inline' .42chat.com wss://.42chat.com .datadoghq.com .amazonaws.com https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.6.347/pdf.worker.min.js;font-src 'self' 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com data:;frame-src 'self' 'unsafe-inline' js.stripe.com .42chat.com portal-2.flatfile.io https://excon-shell-prod.web.app/;img-src 'self' 'unsafe-inline' data: s.gravatar.com i1.wp.com i0.wp.com .42chat.com .amazonaws.com;script-src 'self' 'unsafe-inline' js.stripe.com .42chat.com https://unpkg.com/pdfjs-dist@2.12.313/build/pdf.worker.min.js blob:;style-src 'self' 'unsafe-inline' fonts.googleapis.com;frame-ancestors 'self' https://.42chat.com http://localhost:3000 ;default-src 'self';base-uri 'self';block-all-mixed-content;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: connect-src 'self' 'unsafe-inline' *.42chat.com wss://*.42chat.com *.datadoghq.com *.amazonaws.com https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.6.347/pdf.worker.min.js;font-src 'self' 'unsafe-inline' fonts.googleapis.com fonts.gstatic.com data:;frame-src 'self' 'unsafe-inline' js.stripe.com *.42chat.com portal-2.flatfile.io https://excon-shell-prod.web.app/;img-src 'self' 'unsafe-inline' data: s.gravatar.com i1.wp.com i0.wp.com *.42chat.com *.amazonaws.com;script-src 'self' 'unsafe-inline' js.stripe.com *.42chat.com https://unpkg.com/pdfjs-dist@2.12.313/build/pdf.worker.min.js blob:;style-src 'self' 'unsafe-inline' fonts.googleapis.com;frame-ancestors 'self' https://*.42chat.com http://localhost:3000 *;default-src 'self';base-uri 'self';block-all-mixed-content;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Server: Cowboy
Date: Thu, 30 Mar 2023 19:39:54 GMT
Last-Modified: Thu, 23 Mar 2023 23:24:29 GMT
Etag: W/"b0804-18710c9bbc8"
Via: 1.1 vegur
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 722948

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=4008916930970794437&pixelIndex=0
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=4008916930970794437&pixelIndex=0&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=4008916930970794437&pixelIndex=0&google_gid=CAESELG-iQ4cAQDoMXEtFdxDC2A&google_cver=1

0
598 B

95ms
94ms

Script
text/javascript

54.235.106.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=4008916930970794437&pixelIndex=0&google_gid=CAESELG-iQ4cAQDoMXEtFdxDC2A&google_cver=1
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: HTTP/1.1
Server: 54.235.106.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-106-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Mar 2023 19:39:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=4008916930970794437&pixelIndex=0&google_gid=CAESELG-iQ4cAQDoMXEtFdxDC2A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
99 B 75ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=4008916930970794437
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
55 B 9ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1366140510424167&ev=Microdata&dl=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C&rl=&if=false&ts=1680205194427&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Attendee%20Inquiry%20%7C%20Bar%20%26%20Restaurant%20Expo%20(Ncb%20Show)%22%2C%22meta%3Akeywords%22%3A%22%2C%2C%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Bar%20%26%20Restaurant%20Expo%20(Ncb%20Show)%22%2C%22og%3Atype%22%3A%22page%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%22%2C%22og%3Atitle%22%3A%22Attendee%20Inquiry%22%2C%22og%3Adescription%22%3A%22%7C%22%2C%22article%3Atag%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680205193923.1019244242&it=1680205193556&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 30 Mar 2023 19:39:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 200 p Show response
cdp.omeda.com/olytics/segments/ 2 KB
2 KB 167ms
166ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

f85620625bc0df9e5ce6ebe1704f15b7a40529d72349e23bec746de2d4316255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 30 Mar 2023 19:39:54 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 p
cdp.omeda.com/olytics/segments/ Frame 0
0 579ms
107ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.barandrestaurantexpo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Thu, 30 Mar 2023 19:39:54 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

GET
H/1.1 200
OK QRTZ22+Cookies+Consent+-+Close.svg
s3.amazonaws.com/publicaudience.qtxasset.com/All+Brands/Omeda+Assets/Icons/ 479 B
839 B 125ms
125ms Image
image/svg+xml 52.217.43.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/publicaudience.qtxasset.com/All+Brands/Omeda+Assets/Icons/QRTZ22+Cookies+Consent+-+Close.svg
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.43.86 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fcfe47ed943044cf2222be54bb97f838b5c8a3ff0668dbb8452aae6db388a877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:39:56 GMT
Last-Modified: Tue, 07 Jun 2022 15:36:55 GMT
Server: AmazonS3
x-amz-request-id: EVQYA77BXD46GCQQ
ETag: "c2c81d349f706817873eb7298d232ea1"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 479
x-amz-id-2: 1kiM37nMV2o3FO+8IrnlagUk8rxCp88D0wDH+IlF8Rq0w+M0OB7ZrXyz+aNim6sWhaDKycJjPwk=

GET
H/1.1 200 loading.do Show response
sample.dragonforms.com/ Frame 0AA6 25 KB
9 KB 181ms
181ms Document
text/html 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/init.do?omedasite=NCBShowAttendeeInquiry

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

da405164e9578ab54d921ab39deae3a2cd1c3ec585ca860550736d80edc590a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sample.dragonforms.com/init.do?omedasite=NCBShowAttendeeInquiry
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 30 Mar 2023 19:40:03 GMT
Keep-Alive: timeout=5
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 entity_site_334b.css
hostedcontent.dragonforms.com/hosted/images/dragon/generic/334/ Frame 0AA6 19 KB
19 KB 232ms
167ms Stylesheet
text/css 2600:9000:2251:f600:c:860d:a440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hostedcontent.dragonforms.com/hosted/images/dragon/generic/334/entity_site_334b.css

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:f600:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

72323441b66713a5899004ac56d9c2513751232daa08135bab8fee394d9add67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Apr 2020 16:57:04 GMT
server: Apache
etag: W/"19159-1587574624132"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: M8Fs8AbsmtIha7M-RdK_xxMlxtoIhO-AxaXOHQ2gW5wMvDD1srdBVg==

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ Frame 0AA6 84 KB
29 KB 297ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://sample.dragonforms.com/
Origin: https://sample.dragonforms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
x-hw: 1680205196.dop212.fr8.t,1680205196.cds331.fr8.hn,1680205196.cds140.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 conditional.js Show response
static-cdn.dragonforms.com/js/ Frame 0AA6 35 KB
35 KB 83ms
17ms Script
application/javascript 2600:9000:223c:bc00:0:d27a:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static-cdn.dragonforms.com/js/conditional.js?build=V23.4-20230309

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:0:d27a:1440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

89e0d5e92136af3c2f1d53d4bd524e308554a0ddf9e44a5bd89ab2e2bdbddd7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:41:20 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Thu, 29 Dec 2022 18:08:56 GMT
server: Apache
x-amz-cf-pop: FRA56-P2
age: 79128
etag: W/"35615-1672337336000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 6pWPS6zONK_kFVWUzeXboyVYxi4tGuNkC3DDR3qwj8AjUtZaQAIC6Q==
x-xss-protection: 1; mode=block

GET
H2 200 dragonCampaign.js Show response
static-cdn.dragonforms.com/js/ Frame 0AA6 13 KB
13 KB 82ms
16ms Script
application/javascript 2600:9000:223c:bc00:0:d27a:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static-cdn.dragonforms.com/js/dragonCampaign.js?build=V23.4-20230309

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:0:d27a:1440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f084eb3b60be7c6309cc5ff62056f29deba6ae55270642089f04f035d9cb3738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 00:58:34 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 01 Nov 2022 12:59:08 GMT
server: Apache
x-amz-cf-pop: FRA56-P2
age: 67289
etag: W/"13287-1667307548000"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: JxwB9Qa_hYqF8e8MWPtvxOa9j6FSrNAZWqahhkuMdwHl0EohP3h3hQ==
x-xss-protection: 1; mode=block

GET
H2 200 generic.css
static-cdn.dragonforms.com/style/ Frame 0AA6 2 KB
1 KB 81ms
16ms Stylesheet
text/css 2600:9000:223c:bc00:0:d27a:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static-cdn.dragonforms.com/style/generic.css?build=V23.4-20230309

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:bc00:0:d27a:1440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 01:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 65479
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Jun 2021 15:35:48 GMT
server: Apache
etag: W/"2478-1623339348000"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: tj8S2wlWVh_n1x_JSUO7u0H2Mpr_eVV-JUHmZJ0h4Q4RS7663en-kg==

GET
H2 200 f694db1490.js Show response
kit.fontawesome.com/ Frame 0AA6 11 KB
4 KB 80ms
34ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/f694db1490.js

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

324f8ebe8677371588345f72eaef068848b632a0a9d0a4099d4dec483ff1892b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://sample.dragonforms.com/
Origin: https://sample.dragonforms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7b02d24cbd0abb65-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F1BaBs_LOQ1lQ0kC2HUh

GET
H2 200 757.css
hostedcontent.dragonforms.com/hosted/images/dragon/12247/ Frame 0AA6 3 KB
4 KB 342ms
278ms Stylesheet
text/css 2600:9000:2251:f600:c:860d:a440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hostedcontent.dragonforms.com/hosted/images/dragon/12247/757.css

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:f600:c:860d:a440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b53574d999f4a2ad6d4f68a38b4e4d0a5c86eddc43e6d1dcf1a02ace61c855cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 20:15:32 GMT
server: Apache
x-amz-cf-pop: FRA60-P3
etag: W/"3305-1630354532812"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: vOJlyotMoAdBI42UOiKqf1pus8p02q0F10WYZHo-4HQbYyqujjTVDQ==
x-xss-protection: 1; mode=block

GET
H/1.1 200 217.gif
cdn.omeda.com/hosted/images/dragon/generic/ Frame 0AA6 9 KB
9 KB 122ms
121ms Image
image/gif 205.162.42.5
QTS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.omeda.com/hosted/images/dragon/generic/217.gif

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.162.42.5 Overland Park, United States, ASN53866 (QTS-AS, US),

Reverse DNS

cdn.omeda.com

Software

Apache /

Resource Hash

056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:39:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 25 Aug 2016 18:46:39 GMT
Server: Apache
ETag: W/"8851-1472150799847"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 olyticsLinkAssistance.js Show response
sample.dragonforms.com/js/ Frame 0AA6 4 KB
4 KB 123ms
123ms Script
application/javascript 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sample.dragonforms.com/js/olyticsLinkAssistance.js

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

2deb0d094a307e99fcaa3dfd02f9802de8e485134d85a2f1d2d77d453dc8b934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:40:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 25 Jul 2022 13:12:48 GMT
Server: Apache
ETag: W/"4025-1658754768000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame 0AA6 59 KB
13 KB 41ms
19ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=f694db1490
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f694db1490.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 17231163
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OT9yLfWxE6ZBxvFFGLeWEcc6JzwrG0plVd%2FlDU08qisWwIZmyex%2BxpHEQkuD%2BbKd3qqjURJr4qdR649W6ka%2B%2BwD0QkDZ3XRkJPMuYvBdmm3UGfgJaq1GSF20bI5856fhxhdsJvYD%2Fa02lY2%2Bior%2FjK3n1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7b02d24e8d7c5c5c-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: EgKUVkslwOPhMsaM0h-o2NQSWGU_bJLZbsf53oUqpHTbxOc-hx_cPg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame 0AA6 26 KB
4 KB 45ms
23ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=f694db1490
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f694db1490.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 17181124
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kc2JGnwiNUC%2FX45eOEeCgAMnGZr6E6RxOtujUNLuAOb5AOk3n9Bf7V0uHNxoFfRA8fMnDZcd0aAnz1GBLnuOjHZTM5rmb98YoFlho%2Bmy4X1cnvDw%2FYniwNB2dNozJBUkjPqSINpwaCGHyaklCP8npQ7XLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7b02d24e8d7e5c5c-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 299T0Yo93q-BfXd4r1wKLHB5c4yd7PI9VB_5zhFxj0xTM74Lnq-DCQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame 0AA6 3 KB
2 KB 38ms
17ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=f694db1490
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f694db1490.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdeda.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ZRH50-C1
age: 17181124
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGLDtDjhzRE00YEsXzk%2BLgeWgauq6mlAwnVu%2BNWr%2Bj6vU62uCBE37fvLtUpTpWr6A6fWYvyzBbElthcKSSiWXjXIKHXmMALGyFDwi%2B5C%2F5bd6P3dtXxaTyd13HPTlX8KFujyjAkqm3pjSLFk8%2FPUvY0NHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7b02d24e8d805c5c-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: WqJNhkC8O_P0bSnLhAymDYKS2-BE0WUu-SMGy4cxCm6rttDvURc_IA==

GET
H2 200 css
fonts.googleapis.com/ Frame 0AA6 26 KB
1 KB 21ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:,400,200,200italic,300,300italic,600,400italic,600italic,900,700italic,700,900italic

Requested by

Host: hostedcontent.dragonforms.com
URL: https://hostedcontent.dragonforms.com/hosted/images/dragon/12247/757.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62a778d1aeb3888c56b5c930f8f343bbe2014a0f9b5c874af061bd6b18e1eafe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hostedcontent.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Mar 2023 19:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 19:39:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Mar 2023 19:39:56 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 0AA6 120 KB
46 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV5SCJ

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2a604a92e66efd3a0245187f8c17c760f6205b9e77d10aac3c753765e669e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47498
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Mar 2023 19:39:56 GMT

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 97ms
97ms Script
text/javascript 54.235.106.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?zn=&sn=&q=xSeg&v=1.x&ep%5Bids%5D=29315642%2C29315652%2C29028703%2C16013439&cl=913&pixelIndex=0&r=586370&tzOffset=0&url=https%3A%2F%2Fwww.barandrestaurantexpo.com%2Fncbshow-attendee-inquiry%3Foly_enc_id%3D8131F8723101I3C&id=4008916930970794437
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_fa5b7e293127b3837c39f7fbd05598f32c8ce1c9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.106.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-106-154.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1 200
OK seg
ib.adnxs.com/ 43 B
1 KB 319ms
319ms Image
image/gif 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=827&add=29315642,29315652,29028703,16013439

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Mar 2023 19:39:56 GMT
AN-X-Request-Uuid: b67609fc-739e-4ca6-b6e2-6f9e5174ce43
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.198; 80.255.10.198; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ Frame 0AA6 247 KB
68 KB 8ms
8ms Script
application/javascript 2600:9000:223c:e400:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: sample.dragonforms.com
URL: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:e400:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

4b3a2a772b4f62350f65433b5189ed1b7f9ae9c00e05c1489fc803b95163e9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1283
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 14 Feb 2023 21:19:16 GMT
server: Apache
etag: W/"252900-1676409556000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: k9y5FDhvANE0PMB-50n1CG76u6LhPI6C6k4W2lYlgJvAy-UaArSDqQ==
expires: Fri, 24 Mar 2023 07:12:45 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0AA6 13 KB
13 KB 39ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:,400,200,200italic,300,300italic,600,400italic,600italic,900,700italic,700,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sample.dragonforms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:42 GMT
x-content-type-options: nosniff
age: 39734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:42 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0AA6 13 KB
13 KB 39ms
11ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:,400,200,200italic,300,300italic,600,400italic,600italic,900,700italic,700,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sample.dragonforms.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:42 GMT
x-content-type-options: nosniff
age: 39734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:42 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0AA6 49 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV5SCJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Mar 2023 18:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5685
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 30 Mar 2023 20:05:11 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0AA6 0
0 91ms
90ms Fetch
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48143
x-xss-protection: 0
server: cafe
etag: 9525915674674751976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 19:39:56 GMT

GET
H/1.1 200 evaluateConditionalContent.do;jsessionid=A435869BCE477552E1B409B7B8B42C49 Show response
sample.dragonforms.com/ Frame 0AA6 294 B
518 B 126ms
126ms XHR
text/x-json 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sample.dragonforms.com/evaluateConditionalContent.do;jsessionid=A435869BCE477552E1B409B7B8B42C49?demo181800=&demo181802=&demo181803=&demo181804=&demo181805=&demo181806=&demo181807=&demo181808=&demo181809=&demo181810=&demo181811=&demo181812=&opt181814=&opt181815=1&demo181816=HOSP-NCB-FORM-EVENTINQ-2021NCBShowAttendeeInq&demo181817=&dragon_pagenumber=1&jsessionid=A435869BCE477552E1B409B7B8B42C49&timestemp=1680205196698&omedasite=NCBShowAttendeeInquiry

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

9f6fe29c9d92e5a150326676ca8d564f042ac0854307b8aca653fa40b24202d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:40:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/x-json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 evaluateConditionalContent.do;jsessionid=A435869BCE477552E1B409B7B8B42C49 Show response
sample.dragonforms.com/ Frame 0AA6 294 B
518 B 1129ms
1129ms XHR
text/x-json 204.180.130.190
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.190 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

9f6fe29c9d92e5a150326676ca8d564f042ac0854307b8aca653fa40b24202d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sample.dragonforms.com/loading.do?omedasite=NCBShowAttendeeInquiry
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:40:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/x-json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

HEAD
H2 200 gpt.js
www.googletagservices.com/tag/js/ Frame 0AA6 0
0 54ms
54ms Fetch
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sample.dragonforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 19:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25737
x-xss-protection: 0
server: cafe
etag: 43 / 19446 / m202303270101 / config-hash: 4618862490447205413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Mar 2023 19:39:56 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 55AF 200 B
1 KB 15ms
15ms Document
text/html 108.138.36.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-74.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1313
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 30 Mar 2023 19:23:00 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 28 Mar 2023 20:14:59 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
x-amz-cf-id: VJFZlscCrOWLHBjedfJ2j6YJLvP75aBtYm0tqzbxxYmPvwxZ8oosJQ==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 55AF 0
642 B 565ms
188ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Mar 2023 19:39:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680205197644724
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 55AF 0
641 B 566ms
188ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Mar 2023 19:39:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680205197644728
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 55AF 631 B
1 KB 15ms
15ms Script
text/javascript 108.138.36.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-74.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 30 Mar 2023 19:34:44 GMT
x-content-type-options: nosniff
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 333
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 24 Mar 2023 20:38:18 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gIdT35KwMNFoEIv6rDXEzrwzlD_IhOh9ekty4HTjIKQgPyPCR7mErQ==

GET
H/1.1 200
OK chatbotBranding Show response
api.42chat.com/api/settings/events/638fcc82b01c28007ab696e4/key/ Frame 81C9 1 KB
2 KB 99ms
98ms Fetch
application/json 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.42chat.com/api/settings/events/638fcc82b01c28007ab696e4/key/chatbotBranding

Requested by

Host: app.42chat.com
URL: https://app.42chat.com/main.0602b0ac18388535ce66.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

6e6e43bbcba98104ba082f187c40f07127965824026a0c865c1f4e887c8e0bb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

ParticipantAuth: Bearer undefined
Referer: https://app.42chat.com/chatbot?eventId=638fcc82b01c28007ab696e4&variant=button
accept-language: de-DE,de;q=0.9
Authorization: Bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 30 Mar 2023 19:39:57 GMT
Via: 1.1 vegur
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1185
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
Etag: W/"4a1-vfjkW1ao/AZAz9OQyIo8D7YD4mk"
Expect-Ct: max-age=0
X-Frame-Options: SAMEORIGIN
Vary: Origin
X-Download-Options: noopen
Access-Control-Allow-Origin: https://app.42chat.com
Content-Type: application/json; charset=utf-8
Feature-Policy: camera
Access-Control-Allow-Credentials: true

OPTIONS
H/1.1 204
No Content chatbotBranding
api.42chat.com/api/settings/events/638fcc82b01c28007ab696e4/key/ Frame 0
0 278ms
93ms Preflight 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.42chat.com/api/settings/events/638fcc82b01c28007ab696e4/key/chatbotBranding

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,participantauth
Access-Control-Request-Method: GET
Origin: https://app.42chat.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type,participantauth
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://app.42chat.com
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Date: Thu, 30 Mar 2023 19:39:57 GMT
Expect-Ct: max-age=0
Feature-Policy: camera
Referrer-Policy: no-referrer
Server: Cowboy
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Access-Control-Request-Headers
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame EE00 930 B
1 KB 44ms
10ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 248
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 30 Mar 2023 19:39:57 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 298
x-content-type-options: nosniff
x-request-id: 21ac1c60-ae3d-47c0-b237-6d3b52021346
x-served-by: cache-hhn-etou8220030-HHN
x-timer: S1680205197.272851,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame EE00 0
415 B 453ms
189ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Thu, 30 Mar 2023 19:39:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1680205197644810
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame EE00 86 KB
16 KB 9ms
9ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 30 Mar 2023 19:39:57 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 195
x-cache: HIT
content-length: 16031
x-request-id: 0bb43522-8704-4e42-b867-034d9d70e6a8
x-served-by: cache-hhn-etou8220030-HHN
server: Fastly
x-timer: S1680205197.287687,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 223

GET
H2 200 async-api.61caf4d9-1228.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 34ms
9ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.61caf4d9-1228.min.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: J0GluopGath26np.0jFNgGyfwhEN0LgG
content-encoding: gzip
via: 1.1 varnish
date: Thu, 30 Mar 2023 19:39:57 GMT
x-amz-request-id: 39MSQ1DKMDR4KP9S
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1122
x-amz-id-2: zqO1QksesIUV4nn6wC//IWduG1cqSd6rQ5BpS9rrJjFO2rcZbahNmtZElKRVvhaao/ACPN1BpIE=
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680205197.355071,VS0,VE0
etag: "5a15fa90d5c9cf59729e937de488758b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11280

GET
H2 200 lazy-loader.37550b27-1228.min.js Show response
js-agent.newrelic.com/ 928 B
901 B 33ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.37550b27-1228.min.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: veSIorK788CursSmiZNo6DAf4uBLqr8D
content-encoding: gzip
via: 1.1 varnish
date: Thu, 30 Mar 2023 19:39:57 GMT
x-amz-request-id: 39MQHKB4FTVE8AX8
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 415
x-amz-id-2: +gA/wzeu+BYBidSJRLdfeTmPzQYDi9Y4dhvMrVks/1Y/JNKiGM7MX8CbnlmFohBcrKUSPM9QawM=
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680205197.354943,VS0,VE0
etag: "b6eaf4dad9b3e3384b0e9366ff9d0080"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11303

POST
H2 200 6 Show response
m.stripe.com/ Frame EE00 156 B
670 B 554ms
183ms XHR
application/json 54.148.145.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.145.131 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-145-131.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

50f8940c48766a4b14f832e67b2ad7ad6bb98944d1bfaf9c9fb02d8cfbc1dc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 30 Mar 2023 19:39:57 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680205197805106
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1680205197804635
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 862.e74e95d2-1228.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 9ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/862.e74e95d2-1228.min.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: gDL8cpdspH3IxcZPeLUXHRvPqJEXPWmp
content-encoding: gzip
via: 1.1 varnish
date: Thu, 30 Mar 2023 19:39:57 GMT
x-amz-request-id: 39MKB1VPE2X3X1JH
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3271
x-amz-id-2: QrcsZbeoZnLtWiIBOdPiyUdilxJ5kltGXwPlBKigQ7/kVFUlaKkCF4KElkW0Nu6fzVBfZjEctlM=
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680205197.366830,VS0,VE0
etag: "ff02f82193fd2ec047cb131aa65a0dd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11174

GET
H2 200 page_view_event-aggregate.46b69e61-1228.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 8ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.46b69e61-1228.min.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: KBeqQAET2qZgk2U9E4XZJmVRm1HOq8Rk
content-encoding: gzip
via: 1.1 varnish
date: Thu, 30 Mar 2023 19:39:57 GMT
x-amz-request-id: 39MHVWN9H7FEWRWM
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1729
x-amz-id-2: MW4sVc0UPrexL8zXkXcn1nuaN+qgRfZu415olasIAVGNC60DersNlrf1w9edbprmJ+5l1josJYM=
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680205197.366388,VS0,VE0
etag: "75e56b9529bc3582d1ee120d4a1d49e9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11183

GET
H2 200 page_view_timing-aggregate.ced8c919-1228.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 10ms
9ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.ced8c919-1228.min.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ktDXvd_Dmea2UVJNoozUGAPGaGpVn1ZV
content-encoding: gzip
via: 1.1 varnish
date: Thu, 30 Mar 2023 19:39:57 GMT
x-amz-request-id: 39MYRHPXZTS5HRXW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: u+oa57n1CK4S06sBIetLOxtmqMiqLhVzNk8AWh2FfbluzEpEQquBoKkscMYS9YRIXovTAG78SsI=
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680205197.367717,VS0,VE0
etag: "ddb946a277f5c644d555e8e1bcf23b77"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11164

GET
H2 200 metrics-aggregate.56d9a464-1228.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 9ms
8ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.56d9a464-1228.min.js
Requested by: Host: www.barandrestaurantexpo.com
URL: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: cAHIZ8FQmEPf2jyMvAgXJXAVQ_Jrw1XM
content-encoding: gzip
via: 1.1 varnish
date: Thu, 30 Mar 2023 19:39:57 GMT
x-amz-request-id: 39MRS044C0EB9NM9
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1751
x-amz-id-2: 50sQEHS16lHUQTs98GhcZe8WSK/x2ufiWcZm/u3ZR8IBsUAggngLYOfDRVJl0eOP9DSdETCTXKM=
x-served-by: cache-hhn-etou8220048-HHN
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680205197.367343,VS0,VE0
etag: "04475d81e10a8c7213d39d14e581c599"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11206

GET
H/1.1 200
OK 44925d6b58 Show response
bam.nr-data.net/1/ 49 B
518 B 333ms
256ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/44925d6b58?a=390221574&v=1228.PROD&to=NFBaMhZVDRIHABUPCg0aeQUQXQwPSScTExUCWWQIC1AGPSUMDxIXDFlUAxZoLQ4CBjcPABR2VwgQRgwNCgYTS1sVXF0R&rst=6480&ck=0&s=30ed313d885c6473&ref=https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry&qt=12&ap=542&be=2404&fe=4028&dc=95&perf=%7B%22timing%22:%7B%22of%22:1680205190895,%22n%22:0,%22f%22:1251,%22dn%22:1251,%22dne%22:1251,%22c%22:1251,%22ce%22:1251,%22rq%22:1252,%22rp%22:2299,%22rpe%22:2391,%22dl%22:2302,%22di%22:2499,%22ds%22:2499,%22de%22:2500,%22dc%22:6432,%22l%22:6432,%22le%22:6435%7D,%22navigation%22:%7B%7D%7D&fp=2432&fcp=2432&at=GBdZRF5PHhw%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.61caf4d9-1228.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 30 Mar 2023 19:39:57 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7b02d2541f635c2c-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 81C9 23 KB
23 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.42chat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 08:37:42 GMT
x-content-type-options: nosniff
age: 39735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:37:42 GMT

POST
H/1.1 204 p Show response
cdp.omeda.com/olytics/segments/ Frame 0AA6 0
244 B 131ms
131ms XHR
text/plain 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sample.dragonforms.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 30 Mar 2023 19:40:03 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 p
cdp.omeda.com/olytics/segments/ Frame 0
0 112ms
112ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sample.dragonforms.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Thu, 30 Mar 2023 19:40:03 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sample.dragonforms.com
URL: https://sample.dragonforms.com/NCBShowAttendeeInquiry

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.barandrestaurantexpo.com/	1970-01-20 10:44:51	Name: _gid Value: GA1.2.1809883996.1680205194
.barandrestaurantexpo.com/	1970-01-20 10:43:25	Name: _gat_UA-9813260-1 Value: 1
.barandrestaurantexpo.com/	1970-01-20 20:19:25	Name: _ga_DWK06SRPJT Value: GS1.1.1680205193.1.0.1680205193.0.0.0
.barandrestaurantexpo.com/	1970-01-20 20:19:25	Name: _ga Value: GA1.1.1960682202.1680205194
.ws.zoominfo.com/	1970-01-20 19:29:01	Name: visitorId Value: bff4ce3eb43551c7881dc28bad5c20114abe9e8d651f59ed2c943aadfe6a651b
.zoominfo.com/	1970-01-20 10:43:26	Name: __cf_bm Value: 0NqeeVWOIHtQaLp4JC3AeJzEqFZSTr9ikXqlsbx67jg-1680205193-0-AfkR7x7PkVby3hk5leT0PP0XOugr3y7p/SrlS+D4X2N88elSApk8gMw0aPA6+4HPQ8if9y3EkXdsLIsbVXRTrtQ=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: UtwyUc3yeWobCPTO_eUam7YChIBmed3N7ToQPMabkGE-1680205193658-0-604800000
rdcdn.com/	1970-01-20 20:19:25	Name: aid Value: 19932
rdcdn.com/	1970-01-20 20:19:25	Name: ref Value: https://www.barandrestaurantexpo.com/ncbshow-attendee-inquiry?oly_enc_id=8131F8723101I3C
rdcdn.com/	1970-01-20 20:19:25	Name: img Value: http://rdcdn.com/rt?aid=19932&e=1&img=1
.barandrestaurantexpo.com/	1970-01-20 19:29:01	Name: oly_enc_id Value: 8131F8723101I3C
.barandrestaurantexpo.com/	1970-01-20 19:29:01	Name: oly_anon_id Value: 34851e94-f72c-4e75-a6e8-5c26eccdb836
.barandrestaurantexpo.com/	1970-01-20 10:43:26	Name: __cf_bm Value: aklcgmMzK59SoIRzAsR9V8YFEFci.bndmg_83Mpqti4-1680205193-0-AR+fXIdESSki7mrx53Y5x/S+iDQ/TJvUKfRvJ1PegjExgKrPftOb0bAh3Di3DiB9/fLe2mIAzTdivNILUyMzMbiH/ZPq3g2Zj3ojmSWxknhzWRObxChiJFh/TtFGNzKW9Q==
.barandrestaurantexpo.com/	1970-01-20 19:29:01	Name: oly_fire_id Value: 2561H8010245A4V
www.barandrestaurantexpo.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.barandrestaurantexpo.com/	1970-01-20 12:53:01	Name: _fbp Value: fb.1.1680205193923.1019244242
.adnxs.com/	1970-01-20 12:53:01	Name: uuid2 Value: 4008916930970794437
sample.dragonforms.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: A435869BCE477552E1B409B7B8B42C49
.dpmsrv.com/	1970-01-20 20:19:25	Name: dpm_pxl Value: b58f5debd2c09f81b17028688a90f75143f38191
.dpmsrv.com/	1970-01-20 20:19:25	Name: dpm_pxl_aid Value: 4008916930970794437
www.barandrestaurantexpo.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.doubleclick.net/	1970-01-20 20:05:01	Name: IDE Value: AHWqTUm4_LVAwP5U7AfsTboUpk-WGIp1cwg4efV_2LQx6dYBbF-QqnmgJynr3Pso8AE
.dpmsrv.com/	1970-01-20 20:19:25	Name: xdpm_segsid_913 Value: 16013439%2C29315652%2C29315642%2C29028703
.dpmsrv.com/	1970-01-20 20:19:25	Name: xdpm_segs_913 Value:
.adnxs.com/	1970-01-20 12:53:01	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C$IlE73!!]tbP6j2F-XstGt!@D9M$V4<2
.dragonforms.com/	1970-01-20 10:43:32	Name: oly_anon_id Value: ba3b4e59-1ca4-437a-8cd1-e20515b3c6c6
www.barandrestaurantexpo.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 4.002
m.stripe.com/	1970-01-20 20:19:25	Name: m Value: 4583dfec-43d0-4493-8324-1e5f77ac5017ad63ef

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=4008916930970794437 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://.qtx.dev https://.dev.qtxquartz.com https://.stage.qtxquartz.com https://www.fiercewireless.com https://www.fiercetelecom.com https://sample.dragonforms.com https://.questexinfo.com http://resources.questex.com https://resources.questex.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
api.42chat.com
app.42chat.com
bam.nr-data.net
cdn.omeda.com
cdp.omeda.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
hostedcontent.dragonforms.com
ib.adnxs.com
idsync.rlcdn.com
in.ml314.com
js-agent.newrelic.com
js.stripe.com
ka-f.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
ml314.com
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
q.stripe.com
qtx.omeclk.com
qtxasset.com
rdcdn.com
region1.google-analytics.com
s.adroll.com
s.dpmsrv.com
s3.amazonaws.com
sample.dragonforms.com
static-cdn.dragonforms.com
stats.g.doubleclick.net
ws.zoominfo.com
www.barandrestaurantexpo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
sample.dragonforms.com
104.16.93.165
108.138.36.74
13.32.99.47
142.250.184.226
151.101.128.176
151.101.66.137
162.247.241.14
185.83.142.19
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
204.180.130.159
204.180.130.165
204.180.130.190
205.162.42.171
205.162.42.5
2600:9000:223c:bc00:0:d27a:1440:93a1
2600:9000:223c:e400:1e:5cef:3780:93a1
2600:9000:2251:f600:c:860d:a440:93a1
2600:9000:225e:da00:6:9280:1080:93a1
2606:4700::6810:a852
2606:4700::6811:d834
2606:4700::6812:1634
2606:4700:e4::ac40:a916
2a00:1450:4001:800::2003
2a00:1450:4001:803::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:cc3:fe04:9ce8:2a91:ad50:9522
34.111.234.236
35.244.174.68
52.202.208.11
52.217.43.86
54.148.145.131
54.187.119.242
54.204.238.15
54.209.91.188
54.235.106.154
54.236.171.84
00201acca2ef59429d7e8b28c439635298171e8551af940ac6c5f2e756a14dea
056dd44aece96c67e45ba421d734f125e1497bbdb3b70194b7aadb8a68d10085
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477
0cb0a48c76b0f668105a76c39481285b24b12dadca2090687a984f7210688025
11bf5a5404a37fdb74bf869390ee11395edc1058178f8b9136fc6a3ecd1695a3
18935a832b69ea403b52af69de326274747cd437fdfb7033ee5b9dae7c25a096
19227206dcb0452526fb83a3d90146664cbd2ae14956a3e8b320b811bf4a497b
1af8fea1000c19b8aa1bc59a5cf1f98110b3237e6d38595dc8b50db7f7560898
1f7146430cd7b473637f971f7d064ea81ded6ce4ba761c84713e98949859fc7b
22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a
2361ccc391687a78c696a32f6098ca6c2a800a5fca24d0209a73e2cda164135e
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
284208f9804a46c61e293f1e3f22e9fe58506daaad4f6fedb2a6dc55a7cf858a
2deb0d094a307e99fcaa3dfd02f9802de8e485134d85a2f1d2d77d453dc8b934
3055ee717951a938400fa6492cc054b29a8ad38b9cbdf762ffdc3c4fc9aa5034
324f8ebe8677371588345f72eaef068848b632a0a9d0a4099d4dec483ff1892b
3a0bc360c62421f0f9c14fa1cb49edfc5a8cd449fb3a81362485e6fd84dfaced
3a70b5fd655db300c2e0560f0595fbc9586edbe4ac9fccef3a45437439b38a99
3abbaed02cceb6c27823bac8382b8974fc7a8f458aaf83cc39aad641ac35286b
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48206d01d880c9954ef7c1b30c7f4f96b981a6e20ebf10cb96655ac687d334f5
4b3a2a772b4f62350f65433b5189ed1b7f9ae9c00e05c1489fc803b95163e9cf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5757839df7d5eec5903e484fe812563219318f1fcc739ac9a595913b980c38
4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f
50f8940c48766a4b14f832e67b2ad7ad6bb98944d1bfaf9c9fb02d8cfbc1dc7f
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58c67a1bf42a9099df20fd93e63eaee29f297e26e0c419f53ce390063243a5fa
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
62a778d1aeb3888c56b5c930f8f343bbe2014a0f9b5c874af061bd6b18e1eafe
6655788c8c36780219c91b35f1a5ce49493bd5fc8771a4140d58aa61744e02e5
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e6e43bbcba98104ba082f187c40f07127965824026a0c865c1f4e887c8e0bb1
708ce342d190fa30001fdefff95e6d5b4351392b8ecde8fbf017e37f4a8ae144
72323441b66713a5899004ac56d9c2513751232daa08135bab8fee394d9add67
77c82cb2a18ecfa3a1b4735631d1f3b4ddfa01f68730c465b7ef324006d6f736
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
782b6ef922b6a0ae225921232d97a7472064deae5e4a48a66adc1c5717a965af
7be1cd252a4c093b2b2e13c873dd21c50357472323b5dc4918206859622f6d5e
7e53ce26eb3ec43821e8a08d41ce762e23f4e6690bbf8006ef8361edf5413e88
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
808f97075fc1233d487b23401e97c6c11fb39eb115ec0d9fc251ec09d9b2d5d4
83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391
84784cb8395cdfd137a0ccc6706e4fc102639e37951c424da7e86f8b319d3356
89e0d5e92136af3c2f1d53d4bd524e308554a0ddf9e44a5bd89ab2e2bdbddd7a
8e1d900ecb285de03248e30b27bafdd46bd3b979af73672acb4a922b0b297da3
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9539f56b911e59702ab92b6f6cb294f9cadf3c5efcbcfc137c7f0c6e7c915220
9a3b80b96b6c5a3b2a37fffda85e15962cca8e839fb8b833b9a42e650f4bdc14
9d0875350d585feb71ec3f59c1109edf80dc94e90c99a1f40a835c27d8476c34
9f6fe29c9d92e5a150326676ca8d564f042ac0854307b8aca653fa40b24202d5
a2a604a92e66efd3a0245187f8c17c760f6205b9e77d10aac3c753765e669e65
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6e832038d5d663b1cd976e1533fd2b70b3cc655f9084d3b1690109797ea20bf
a75268aabd3efca2333dda30048a44d566fca0fa0c70f87249784d6c4dbaaa50
aa87d17ddaa5c7f3bc99debd919894681e2f1852f018ea99a28c77df59064dcd
aa904168958f38d568ada0afaaba8cbb92c29a64509dd1eb57268496026437d6
ace736d21df52fe454e5b4cbf64761ef6d49030122edc8a19913bda47d6e6e75
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b148ff3b1ef039e438c8a5d50cb5b35d7dec9089221962748845d5c256bc4360
b4eeaf2d2acecd8f96cce59594c99a0d2bdfb349be8e46023bf0b349734d4fa0
b53574d999f4a2ad6d4f68a38b4e4d0a5c86eddc43e6d1dcf1a02ace61c855cf
b868b7019b9619667a195de7bfa9663030a4f89f0022b20f1c96a531b3e4f690
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
b9916a41499f328edf5430fc2f1ab256f843b88620b331ee2612d1526dabccb7
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bd1c5acd3112e0f4c6db7b505200384911e8d87c3dcd6b318af034cc0db4cfc0
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
ced39e172754e1211c4478375fb8fc22cca0368cd18c93c882f4f8255731af7d
cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780
d007a16fea412648315d74a76b8878080bd98ce66a0272ace8c3043a9c4002e7
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
da405164e9578ab54d921ab39deae3a2cd1c3ec585ca860550736d80edc590a1
daf4fe1515892c71cdd95f5c6eb3a9cc0aa4ad0a93247c9a6e971bf6f169f53e
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
e108a05b9e38dd48e054836c9310dec58bd4f9339132534b2fd06ad9e7ef767f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e721448de4149c59b99e49159d0b8be3557227c4f317c688d02ab5eafe5ce580
e94fd4e13b69bf00b049aa8c36d4a75c6f2a7ba59c21326201621f69c3e474e1
edb9caffbf5fbc8ac4c1e41bcfb9aaf2168c917efb05440b8d2ff2a0926e7f3b
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
f084eb3b60be7c6309cc5ff62056f29deba6ae55270642089f04f035d9cb3738
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f22d8133a88aeafb897792e374d2dcdd0aee7db80027bcb3185c47e246b6386f
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f85620625bc0df9e5ce6ebe1704f15b7a40529d72349e23bec746de2d4316255
fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fcfe47ed943044cf2222be54bb97f838b5c8a3ff0668dbb8452aae6db388a877

www.barandrestaurantexpo.com Open in urlscan Pro 2606:4700::6811:d834 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

95 %HTTPS

47 %IPv6

29 Domains

43 Subdomains

42 IPs

6 Countries

2583 kBTransfer

7527 kBSize

28 Cookies

21 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.barandrestaurantexpo.com Open in urlscan Pro
2606:4700::6811:d834 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

95 %
HTTPS

47 %
IPv6

29
Domains

43
Subdomains

42
IPs

6
Countries

2583 kB
Transfer

7527 kB
Size

28
Cookies

121 HTTP transactions
0 data transactions