www.krystal.lewith-freeman.com Open in urlscan Pro
52.23.102.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://krystal.lewith-freeman.com/
Effective URL:
https://www.krystal.lewith-freeman.com/
Submission: On June 25 via api (June 25th 2024, 6:57:24 pm UTC) from US — Scanned from DE

Summary HTTP 124 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 33 domains to perform 124 HTTP transactions. The main IP is 52.23.102.130, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.krystal.lewith-freeman.com.
TLS certificate: Issued by R11 on June 25th 2024. Valid for: 3 months.

This is the only time www.krystal.lewith-freeman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	52.23.102.130 52.23.102.130	14618 (AMAZON-AES) (AMAZON-AES)
47	108.138.192.117 108.138.192.117	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	18.239.50.10 18.239.50.10	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
24	65.9.66.64 65.9.66.64	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.121.18 13.32.121.18	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
17 22	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:c600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	35.169.21.146 35.169.21.146	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.215.143.111 52.215.143.111	16509 (AMAZON-02) (AMAZON-02)
1 1	3.73.54.118 3.73.54.118	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	52.207.188.107 52.207.188.107	14618 (AMAZON-AES) (AMAZON-AES)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.49.45.15 52.49.45.15	16509 (AMAZON-02) (AMAZON-02)
1	52.211.128.173 52.211.128.173	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
124	37

4 52.23.102.130 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-102-130.compute-1.amazonaws.com

krystal.lewith-freeman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.krystal.lewith-freeman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 108.138.192.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-192-117.mxp64.r.cloudfront.net

cms-cdn.onjax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.50.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-10.ams58.r.cloudfront.net

pacdn.onjax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 65.9.66.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-64.fra56.r.cloudfront.net

mlsphotos.onjax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-18.fra60.r.cloudfront.net

paimg.onjax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.91.62.186 (Groningen, Netherlands) 17 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:c600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.21.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-21-146.compute-1.amazonaws.com

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.143.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-143-111.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.54.118 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-54-118.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.188.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-188-107.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.45.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-45-15.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.128.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-128-173.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	onjax.com cms-cdn.onjax.com pacdn.onjax.com mlsphotos.onjax.com paimg.onjax.com	3 MB
24	simpli.fi 17 redirects tag.simpli.fi — Cisco Umbrella Rank: 5213 i.simpli.fi — Cisco Umbrella Rank: 4685 um.simpli.fi — Cisco Umbrella Rank: 933	11 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 cm.g.doubleclick.net — Cisco Umbrella Rank: 274	751 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	371 KB
4	lewith-freeman.com 1 redirects krystal.lewith-freeman.com www.krystal.lewith-freeman.com	18 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	14 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83 maps.googleapis.com — Cisco Umbrella Rank: 406	238 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 279	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2318	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2013 ups.analytics.yahoo.com — Cisco Umbrella Rank: 471	213 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2947	869 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 576 d.agkn.com — Cisco Umbrella Rank: 782	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 520	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 523	712 B
2	google.de www.google.de — Cisco Umbrella Rank: 8088	127 B
2	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3125 www.google.com — Cisco Umbrella Rank: 5	24 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	73 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 133	21 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 575	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 432	239 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 495	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1029	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1104	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1063	479 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1734	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 7480	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 452	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1321	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 708	240 B
1	gstatic.com fonts.gstatic.com	25 KB
0	intentiq.com Failed sync.intentiq.com Failed
0	cloudfront.net Failed d2twz9av6or5hk.cloudfront.net Failed
124	33

	Domain	Requested by
47	cms-cdn.onjax.com	www.krystal.lewith-freeman.com cms-cdn.onjax.com
24	mlsphotos.onjax.com	www.krystal.lewith-freeman.com
22	um.simpli.fi	17 redirects
4	www.googletagmanager.com	www.krystal.lewith-freeman.com www.googletagmanager.com
3	bat.bing.com	www.krystal.lewith-freeman.com bat.bing.com
3	pacdn.onjax.com	www.krystal.lewith-freeman.com
3	www.krystal.lewith-freeman.com	cms-cdn.onjax.com
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	www.google.de	www.krystal.lewith-freeman.com
2	maps.googleapis.com	cms-cdn.onjax.com
2	www.facebook.com	www.krystal.lewith-freeman.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	connect.facebook.net	www.krystal.lewith-freeman.com connect.facebook.net
2	www.googleadservices.com	1 redirects www.krystal.lewith-freeman.com
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	ups.analytics.yahoo.com
1	cms.analytics.yahoo.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	cms-cdn.onjax.com
1	paimg.onjax.com	www.krystal.lewith-freeman.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cms-cdn.onjax.com
1	tag.simpli.fi	www.krystal.lewith-freeman.com
1	krystal.lewith-freeman.com	1 redirects
0	sync.intentiq.com Failed
0	d2twz9av6or5hk.cloudfront.net Failed	www.krystal.lewith-freeman.com
124	45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
lewithfreeman.pureagent.net
onjax.com

Subject Issuer	Validity	Valid
lewith-freeman.com R11	`2024-06-25` - `2024-09-23`	3 months	crt.sh
onjax.com Amazon RSA 2048 M02	`2024-06-21` - `2025-07-20`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-03` - `2024-07-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.krystal.lewith-freeman.com/
Frame ID: 94E33877D4AF51624FC1C294D5FBCEDB
Requests: 126 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lewith & Freeman Real Estate, Inc - National Strength. Local Commitment.

Page URL History Show full URLs

https://krystal.lewith-freeman.com/ HTTP 301
http://www.krystal.lewith-freeman.com/ HTTP 307
https://www.krystal.lewith-freeman.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

124
Requests

85 %
HTTPS

25 %
IPv6

33
Domains

45
Subdomains

37
IPs

6
Countries

3366 kB
Transfer

13575 kB
Size

32
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/people/Krystal-McLean-Lewith-Freeman-Real-Estate/61551642523352/

Search URL Search Domain Scan URL

URL: https://lewithfreeman.pureagent.net/
Title: Agent Login

Search URL Search Domain Scan URL

URL: https://onjax.com/
Title: Onjax

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://krystal.lewith-freeman.com/ HTTP 301
http://www.krystal.lewith-freeman.com/ HTTP 307
https://www.krystal.lewith-freeman.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F365F8FA90084F97892223B2DD30C8E2

Request Chain 102

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/F365F8FA90084F97892223B2DD30C8E2 HTTP 302
https://sync.1rx.io/usersync/simplifi/F365F8FA90084F97892223B2DD30C8E2?zcc=1&cb=1719341838224 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-c958873e-08d0-4035-a903-3ed6c2552962-003

Request Chain 103

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=F365F8FA90084F97892223B2DD30C8E2&dongle=yf3

Request Chain 104

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=F365F8FA90084F97892223B2DD30C8E2

Request Chain 105

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=F365F8FA90084F97892223B2DD30C8E2 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F365F8FA90084F97892223B2DD30C8E2

Request Chain 106

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=F365F8FA90084F97892223B2DD30C8E2 HTTP 302
https://d.agkn.com/pixel/10751/?che=1719341838038&ip=146.70.117.101&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219903204924004199210 HTTP 302
https://um.simpli.fi/aa_px?sk=219903204924004199210 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 107

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F365F8FA90084F97892223B2DD30C8E2

Request Chain 110

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=F365F8FA90084F97892223B2DD30C8E2;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=F365F8FA90084F97892223B2DD30C8E2;mimetype=img;sr HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Request Chain 111

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=F365F8FA90084F97892223B2DD30C8E2&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=F365F8FA90084F97892223B2DD30C8E2&j=0&xl8blockcheck=1

Request Chain 113

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=F365F8FA90084F97892223B2DD30C8E2

Request Chain 114

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=F365F8FA90084F97892223B2DD30C8E2

Request Chain 115

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F365F8FA90084F97892223B2DD30C8E2

Request Chain 116

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=F365F8FA90084F97892223B2DD30C8E2

Request Chain 117

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=F365F8FA90084F97892223B2DD30C8E2

Request Chain 118

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1719341837837&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1571505124&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_sr6u7f3hgMV9UYeAh28BwycMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vd3d3LmtyeXN0YWwubGV3aXRoLWZyZWVtYW4uY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1571505124&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_sr6u7f3hgMV9UYeAh28BwycMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vd3d3LmtyeXN0YWwubGV3aXRoLWZyZWVtYW4uY29tLw&is_vtc=1&cid=CAQSKQDaQooLPc8NrwpNbJdrjanlgz7llbzs_gACDk-tIYckT8de9EdCLSRh&random=2142948841 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1571505124&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_sr6u7f3hgMV9UYeAh28BwycMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vd3d3LmtyeXN0YWwubGV3aXRoLWZyZWVtYW4uY29tLw&is_vtc=1&cid=CAQSKQDaQooLPc8NrwpNbJdrjanlgz7llbzs_gACDk-tIYckT8de9EdCLSRh&random=2142948841&ipr=y

Request Chain 120

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=F365F8FA90084F97892223B2DD30C8E2 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF365F8FA90084F97892223B2DD30C8E2

Request Chain 121

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F365F8FA90084F97892223B2DD30C8E2&expires=365

Request Chain 122

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=F365F8FA90084F97892223B2DD30C8E2

124 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.krystal.lewith-freeman.com/
Redirect Chain

https://krystal.lewith-freeman.com/
http://www.krystal.lewith-freeman.com/
https://www.krystal.lewith-freeman.com/

90 KB
15 KB

515ms
384ms

Document
text/html

52.23.102.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.23.102.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-102-130.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fe36288a8816e0454c10ad37bdada516d04082ed91edd94d083117b2a4d10246

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 25 Jun 2024 18:57:16 GMT
expires: Tue, 25 Jun 2024 18:57:16 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Location: https://www.krystal.lewith-freeman.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 default-Csvh93g8.css
cms-cdn.onjax.com/build/assets/ 496 KB
85 KB 212ms
56ms Stylesheet
text/css 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/default-Csvh93g8.css
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 9b9e49816ccd714b4f80739c6e388ad009620af5840d5de3f252c7bdfda21791

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 15:29:10 GMT
content-encoding: gzip
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 15:18:06 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 4850886
etag: W/"66310bae-7bfbe"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: LdhvQxolpflPYIgWrO1MjKHMokvs-dhRy1wwlgVUzk_79M6qnboW3Q==
expires: Wed, 30 Apr 2025 15:29:10 GMT

GET
H2 200 default-Bu4xj6RI.css
cms-cdn.onjax.com/build/assets/ 32 KB
7 KB 164ms
14ms Stylesheet
text/css 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/default-Bu4xj6RI.css
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 6c9ed68d8f1a2a92bfbad2bb125fc3d5c7e147aca9f66dd9eabaa0c06e4106f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:18:38 GMT
content-encoding: gzip
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Tue, 21 May 2024 17:26:03 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 3022718
etag: W/"664cd92b-8174"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: fGecEZeNw8ZAyRwCjyxVCQKf4xymmf4mUyR1z_WMkz_dNVSvucn6Bw==
expires: Wed, 21 May 2025 19:18:38 GMT

GET
H2 200 default-DvG0REN3.js Show response
cms-cdn.onjax.com/build/assets/resources/clients/lewithfreeman/theme5/assets/ 739 B
768 B 238ms
83ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/resources/clients/lewithfreeman/theme5/assets/default-DvG0REN3.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 70cd2c112a8f4e9538a5a0846bf8a679f2bedfc0d17ad5e5870108dbcc785ce3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 19:18:38 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 3022718
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 17:26:04 GMT
server: nginx
etag: W/"664cd92c-2e3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: UXwNVBcXmzPP2QJUkJvhpQsWfkYZiceGIR2Snfs6yf2r-B891Ru5zw==
expires: Wed, 21 May 2025 19:18:38 GMT

GET
H2 200 default-C3zMB5su.js Show response
cms-cdn.onjax.com/build/assets/resources/scripts/ 876 B
952 B 239ms
83ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/resources/scripts/default-C3zMB5su.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: acba0a95054dd87fe3f61d0a6d3d02ac5d101e7f9cac9d6820202296a0377789

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:44:30 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 3028366
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 17:26:04 GMT
server: nginx
etag: W/"664cd92c-36c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: 8_r38lxJXTqncGpZA3AMQnd6uxveSPBp_wpi7D7BNYPihO8btqD7ww==
expires: Wed, 21 May 2025 17:44:30 GMT

GET
H2 200 index-em_iZHD2.js Show response
cms-cdn.onjax.com/build/assets/ 447 B
750 B 237ms
82ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-em_iZHD2.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 99631de842ee9ec39449c40d101ea96bcfb43b09ecd39233cdae737944a6d616

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 18:02:09 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 3027307
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 17:26:04 GMT
server: nginx
etag: W/"664cd92c-1bf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: eQfJGhUf_x4ZKaPgafNTY6UjmOMBQHpqaEdUS4wkTt1kaLCzv9qGAQ==
expires: Wed, 21 May 2025 18:02:09 GMT

GET
H2 200 index-BzeNTv3Q.js Show response
cms-cdn.onjax.com/build/assets/ 214 KB
72 KB 188ms
33ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-BzeNTv3Q.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: e098158bbfef9ca4dc9542bfc74bfe00893f1e4abc581912f5985df6dae4a630

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:42 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880814
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-35922"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: OI8lbPavahNxbsgEZQumvx2wYyzbmW-QS3h6GHds34OOfS_6NnCsGw==
expires: Fri, 18 Apr 2025 17:23:42 GMT

GET
H2 200 index-BG6hxZbC.js Show response
cms-cdn.onjax.com/build/assets/ 77 KB
27 KB 185ms
30ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-BG6hxZbC.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: b3c75105fbe52faeb8982b0bf8646e8fd3af09937730096df1ae4f348b529bc9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:23:08 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5967248
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
etag: W/"662002b2-13207"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: xe5kVBI0f-SrmpmnRhHymrQqm-shYA9HWyoO1W4eOGfOqZrtIla9IA==
expires: Thu, 17 Apr 2025 17:23:08 GMT

GET
H2 200 index-ClRNSnH0.js Show response
cms-cdn.onjax.com/build/assets/ 30 KB
10 KB 240ms
80ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-ClRNSnH0.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 60ae349edc863ac208bc14d13c276c11de8005730e571118d3ac497fe51c3e1e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:23:09 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5967247
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
etag: W/"662002b2-790e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: CquZtXxIlLwSvlM8LXKcE-rx3kfv0ruKHamHABp2cpouSsikEp-qHA==
expires: Thu, 17 Apr 2025 17:23:09 GMT

GET
H2 200 helpers-CmYR6lCI.js Show response
cms-cdn.onjax.com/build/assets/ 719 B
887 B 262ms
104ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/helpers-CmYR6lCI.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 5c5d49d93446231868b99d462759327fa7b43da211b6a059edf4eac2914c2f42

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:42 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880814
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-2cf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: aRM7jJih9euUP5WY4JIzxPUPG6R6cx1WYwKXbuvKu9W-Z9E6-YjyEw==
expires: Fri, 18 Apr 2025 17:23:42 GMT

GET
H2 200 _commonjsHelpers-Cpj98o6Y.js Show response
cms-cdn.onjax.com/build/assets/ 236 B
656 B 254ms
96ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/_commonjsHelpers-Cpj98o6Y.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 9625379badd4849610dfe6c15453cdf0c0071264c90eef177307fac094d2aa6c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:23:16 GMT
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5967240
x-cache: Hit from cloudfront
content-length: 236
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
etag: "662002b2-ec"
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DQwt2wpgNlJ02-VPC8dMF53c00urgd_kS4QVamVgwQkG_XXN9KpKIg==
expires: Thu, 17 Apr 2025 17:23:16 GMT

GET
H2 200 index-BtKDuZ2d.js Show response
cms-cdn.onjax.com/build/assets/ 61 KB
17 KB 245ms
87ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-BtKDuZ2d.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: ff3f444431a1db8f4de111e846893c1e7fc23d8814d32d0f8021f8bb320659b4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:42 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880814
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-f55b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: Tvn7d7l9-3np9ccyNOe_oV3jpG49JizYmNc5SnWhicjhnUKcmtT6tw==
expires: Fri, 18 Apr 2025 17:23:42 GMT

GET
H2 200 index-C3Bg-STg.js Show response
cms-cdn.onjax.com/build/assets/ 2 KB
1 KB 245ms
87ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-C3Bg-STg.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 35b0e0effde9824fece5de54355440a5476b171eed66b370f025fda768d4088c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:23:19 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5967237
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
etag: W/"662002b2-605"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: hfV11x9cD6aqhs6aV4un9tkcH407rRGh0O-DZLiXANVk_i-CoREAsg==
expires: Thu, 17 Apr 2025 17:23:19 GMT

GET
H2 200 preload-helper-C-xhxAo8.js Show response
cms-cdn.onjax.com/build/assets/ 1 KB
1 KB 244ms
86ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: dbbfb08a5228e684147b4c7435a7592aca6d4b9221db32a5358040564ba10181

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:42 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880814
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-446"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: 7w1iNr_IM_p3JNdkYAFBomcGXB9xDKpIcbyVR7BGuRXd2chLzUVh5w==
expires: Fri, 18 Apr 2025 17:23:42 GMT

GET
H2 200 quick_search-c-JsLvvg.js Show response
cms-cdn.onjax.com/build/assets/ 2 KB
1 KB 239ms
82ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/quick_search-c-JsLvvg.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 2c0ad980fe03aa200f14823542f4a6378b51e44848d598e5c93139d916a0a164

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:37:12 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 3028804
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 17:26:04 GMT
server: nginx
etag: W/"664cd92c-991"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: V-VLj28CN2ATG3KHsw-3q4g7Dsc8l2HFyYIgIcZepUMLvElqQ3tKfQ==
expires: Wed, 21 May 2025 17:37:12 GMT

GET
H2 200 settings-C3HnoqOz.js Show response
cms-cdn.onjax.com/build/assets/ 291 B
601 B 238ms
81ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/settings-C3HnoqOz.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: b9d5f16c3c596590819ad6dae8edd5b369099376b4460d9e9b0019eb4729bbcc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:45:15 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5879521
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-123"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: xDNcM0LKJnpJTGe84ryVbF4GBwlgxxM1eBjcgR3_8EWubvVlg5Tdig==
expires: Fri, 18 Apr 2025 17:45:15 GMT

GET
H2 200 default-DT04f-ST.js Show response
cms-cdn.onjax.com/build/assets/ 3 KB
2 KB 264ms
107ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/default-DT04f-ST.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: e086c5ad6e8c6f3fdc3b6922708734d367fc188aeb9d7f9f57f4332935e8c5d8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:42 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880813
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-dfd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: jXEzjIEpKuf9Fexd0_HVp1lyWjP0rW0nicuSXVuIKbwcchWMKUDjPw==
expires: Fri, 18 Apr 2025 17:23:42 GMT

GET
H2 200 form-helpers-AwRZaPdQ.js Show response
cms-cdn.onjax.com/build/assets/ 429 B
729 B 263ms
106ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/form-helpers-AwRZaPdQ.js
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 801373bbcc73aa41d3bd45019a462986a3e6cb1329e87b9d5fe92b891a0a265d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:27:22 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5966994
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
etag: W/"662002b2-1ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: Vcky6oaGlJSkjmdtxmzMLAauTCN-8yqemwzSqg5DX8wveQMILafzDA==
expires: Thu, 17 Apr 2025 17:27:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
85 KB 81ms
47ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-923145673

Requested by

Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d3bfbc318b13dc1f2ab090f7d69289bb156709d7a28203799195a92f82a7d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87005
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 18:24:58 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jun 2024 18:57:16 GMT

GET
H2 200 facebook.022c2c6f.png
cms-cdn.onjax.com/build/img/social-icons/black_round/ 699 B
1 KB 74ms
31ms Image
image/png 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/social-icons/black_round/facebook.022c2c6f.png
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 22d62aeedad2b0e1e8d41c67d19dffccb52c8721d03c3ff95cb6e51871f78770

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 05:00:40 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Fri, 24 May 2024 21:11:25 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 2555796
etag: "6651027d-2bb"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 699
x-amz-cf-id: 1vnGDY_uOgrdbz9cWXYsyeUkXlTYcjAAzsupuwpFxRCgM8_WIXoiGg==
expires: Tue, 27 May 2025 05:00:40 GMT

GET
H2 200 430x4230
pacdn.onjax.com/agents/lewithfreeman/592h81whL0Q8BCrBvFdMcocDI4mJDjnhlKFgSg6I.jpg/t1/ 47 KB
48 KB 1021ms
684ms Image
image/jpeg 18.239.50.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pacdn.onjax.com/agents/lewithfreeman/592h81whL0Q8BCrBvFdMcocDI4mJDjnhlKFgSg6I.jpg/t1/430x4230
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-10.ams58.r.cloudfront.net
Software: nginx /
Resource Hash: eed7b52ed3588b372c66ff25f7be769bdcc1c4a19cbbd70a14959a648d37adc4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS58-P3
etag: 81435814f926dd1c9e0a1defcf5f9879
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31556926
x-amz-cf-id: _Xdzd1i9n4nxv0YIYMMoWEyLg8K6iy6NSB97iNteBxzi8yX6N_Ld2Q==
expires: Thu, 26 Jun 2025 00:46:03 GMT

GET
H2 200 logo.7f59a57d.png
cms-cdn.onjax.com/build/img/lewithfreeman/theme5/assets/images/ 55 KB
55 KB 43ms
20ms Image
image/png 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/lewithfreeman/theme5/assets/images/logo.7f59a57d.png
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 89079f8d50405fb841ea0681d9cfb843ee7b9cc5a7816ada2686a838f932a8b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Dec 2023 05:53:23 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Wed, 27 Dec 2023 01:55:37 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 15685433
etag: "658b8419-daba"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 55994
x-amz-cf-id: Jvtz1PABgH2gpmZHrklR-vqSbmkr0xNmd4_2FWGGHeJfuUWy5MvCuQ==
expires: Thu, 26 Dec 2024 05:53:23 GMT

GET
H2 200 bg1-DhaMWCWT.jpg
cms-cdn.onjax.com/build/assets/ 94 KB
95 KB 71ms
67ms Image
image/jpeg 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/assets/bg1-DhaMWCWT.jpg
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: ba3914b504386ea2b94abb0b71abfac732813c61fed011743fa8cd887061fb52

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 19:30:06 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 16:49:30 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 4490830
etag: "6635159a-1786d"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 96365
x-amz-cf-id: SL3F0kPI9BMj8gzR1mz1Mty_n9zOAuQ8AbjxvsvhFVa204aGD1EZoQ==
expires: Sun, 04 May 2025 19:30:06 GMT

GET
H2 200 logo2.31d88766.png
cms-cdn.onjax.com/build/img/lewithfreeman/theme5/assets/images/ 43 KB
44 KB 87ms
84ms Image
image/png 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/lewithfreeman/theme5/assets/images/logo2.31d88766.png
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: c4897569570b920655981f9617c251114bd72b42a53ff6cf3e2f7a7481c25967

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 21:30:57 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Sat, 30 Mar 2024 20:23:50 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 7507579
etag: "660874d6-ace4"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 44260
x-amz-cf-id: kLQo2DZvIcv8zBGW7VQw5iwaUDPD_3f9jcW1HM1ubwMoQ8xQcB2kgQ==
expires: Sun, 30 Mar 2025 21:30:57 GMT

GET
H2 200 lf-homefinder-white.aa818cc3.png
cms-cdn.onjax.com/build/img/lewithfreeman/theme5/assets/images/ 16 KB
16 KB 116ms
113ms Image
image/png 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/lewithfreeman/theme5/assets/images/lf-homefinder-white.aa818cc3.png
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: fd84acc3ca830df0a3309ae4cc00628a44480d86c5048cfd48d9330761cef630

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 11:55:50 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Mon, 10 Jun 2024 19:52:08 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 1148486
etag: "66675968-3edf"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16095
x-amz-cf-id: DMxuVRayZQQXs0pVxEHASl7h7staMFk74HBePc78CriXq6NEM6dzHA==
expires: Thu, 12 Jun 2025 11:55:50 GMT

GET
H2 200 logo-200.6e5aa63b.png
cms-cdn.onjax.com/build/img/lewithfreeman/theme5/assets/images/ 13 KB
14 KB 117ms
114ms Image
image/png 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/lewithfreeman/theme5/assets/images/logo-200.6e5aa63b.png
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: bebc0f0b0f3f0d604b66f57a451f92e3ac61cf6911242d0d274f1c282a70a2fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:06:15 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 23:38:45 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 6382261
etag: "66172305-350c"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13580
x-amz-cf-id: 79QgDmsSGUe1f5rtf4HzJCfaA55CvRdN2QPZNxOYsPj5uY2WrXRW2g==
expires: Sat, 12 Apr 2025 22:06:15 GMT

GET
H2 200 onjax-o.135f2538.svg
cms-cdn.onjax.com/build/img/ 1 KB
917 B 117ms
114ms Image
image/svg+xml 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/onjax-o.135f2538.svg
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 5ce071a330aa7551466e2bb532d8206721dd1c702a870136773d1e9efd2a14a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Sep 2023 06:11:49 GMT
content-encoding: gzip
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Tue, 26 Sep 2023 19:33:09 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 23373927
etag: W/"651331f5-405"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: 6Ui7Y5QpyAt5sp5skwBN8o08pNLiqbFCq3a0pszbqj3P93_VjO5k_g==
expires: Sat, 28 Sep 2024 06:11:49 GMT

GET
H2 200 facebook.3eb09eba.png
cms-cdn.onjax.com/build/img/social-icons/white/ 293 B
672 B 117ms
115ms Image
image/png 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/social-icons/white/facebook.3eb09eba.png
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 7cb07e650849436a5a34a63b7e6ea0b2bff5d9b8356bd9c187a5bf15bb466e60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 10 Sep 2023 20:40:42 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Fri, 08 Sep 2023 19:30:14 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 24963394
etag: "64fb7646-125"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 293
x-amz-cf-id: BHxqZPmWRHhonmaXV4jb4SQSDBuWwTpmGAm52aBHA6X3W9UDPkrn1w==
expires: Mon, 09 Sep 2024 20:40:42 GMT

GET
H2 200 google-icon.e40cd719.svg
cms-cdn.onjax.com/build/img/social-icons/ 954 B
905 B 131ms
129ms Image
image/svg+xml 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/social-icons/google-icon.e40cd719.svg
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 17eadbed5f53fd59ed8d8d6ac1e77fba00c11ca85f840a497059d6786c4ee9b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Sep 2023 23:16:01 GMT
content-encoding: gzip
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Wed, 20 Sep 2023 20:32:31 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 24003675
etag: W/"650b56df-3ba"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: wgT55v2VjQVsbdg1SFM0cDlQ8nHXA23g4xTpgvoT38uLGALFQxTYZw==
expires: Fri, 20 Sep 2024 23:16:01 GMT

GET
H2 200 50x75
pacdn.onjax.com/agents/lewithfreeman/592h81whL0Q8BCrBvFdMcocDI4mJDjnhlKFgSg6I.jpg/t1/ 2 KB
2 KB 582ms
546ms Image
image/jpeg 18.239.50.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pacdn.onjax.com/agents/lewithfreeman/592h81whL0Q8BCrBvFdMcocDI4mJDjnhlKFgSg6I.jpg/t1/50x75
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-10.ams58.r.cloudfront.net
Software: nginx /
Resource Hash: 906d978f30b80ed0cd78a2593d6487e7ae7d35e64261d6638d686c0f19400bf4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS58-P3
etag: 81435814f926dd1c9e0a1defcf5f9879
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31556926
x-amz-cf-id: Fs8J4pwnOk9nlGaGcR1tgdQpRP9bTW1fgdFs6MxqgKdbyqqawa6low==
expires: Thu, 26 Jun 2025 00:46:02 GMT

GET
H2 200 equal-housing.40a7d7fc.png
cms-cdn.onjax.com/build/img/ 3 KB
3 KB 117ms
116ms Image
image/png 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/equal-housing.40a7d7fc.png
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 68cceaabdc6137248d2f78fc64b7ec41ed67dea9355fa61dd45fb7bf0fd002b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 10 Sep 2023 20:40:42 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Fri, 08 Sep 2023 19:30:14 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 24963394
etag: "64fb7646-bb0"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2992
x-amz-cf-id: Fc29qPhQqBJ8sC3hs_D6JF8RZauVj_GG8Endicz7wYBgNYXNbW0EXA==
expires: Mon, 09 Sep 2024 20:40:42 GMT

GET
H2 200 realtor-mls-logo.9786afb7.png
cms-cdn.onjax.com/build/img/ 1 KB
2 KB 130ms
128ms Image
image/png 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/img/realtor-mls-logo.9786afb7.png
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: e0292aa23e74f221263a5ad0e5e9318ef960cfa70a87209745b723ab0dddb451

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jan 2024 04:27:34 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Mon, 01 Jan 2024 20:10:09 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 14912982
etag: "65931c21-550"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1360
x-amz-cf-id: azc03rKT7k0zKl76BEv3DFU0ehtZ_B6i85I9mZonhmVRYWfp4dR2GA==
expires: Sat, 04 Jan 2025 04:27:34 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 57 KB
21 KB 66ms
44ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6f67cfd46f61bff4f487dda6b3ec7763aa4dce2cebb9db140a558cbf0550b26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21118
x-xss-protection: 0
server: cafe
etag: 1312741717809140364
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Jun 2024 18:57:16 GMT

GET
H2 200 59ff1760-7f02-0137-6114-067f653fa718 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 323ms
18ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/59ff1760-7f02-0137-6114-067f653fa718
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 5e4e914fbace0ec1f2dce6b85bf74ffee968bcf22ebbb9e73bfa250ae4524305

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:16 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F9xUSpFT7F5QWpqn0sSC
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET adally.js
d2twz9av6or5hk.cloudfront.net/1.6/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 122ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cinzel:wght@400..900&family=Mulish:ital,wght@0,200..1000;1,200..1000&display=swap

Requested by

Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/default-Bu4xj6RI.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1028277ea73be80e94a8736b87cc17d4446d5a074d41598fb472d925e3e80e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cms-cdn.onjax.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jun 2024 18:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 18:57:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jun 2024 18:57:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 39ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jun 2024 18:57:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1368, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: c6ynkx3SfYxtnTe17B1csdxwfSB1fwKWOrUsNGf2CLwr46jAgz4y5I9ehuP6xK7Ar4EwHeuCVdBfAxXxtzVCdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
95 KB 69ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MP9QMLM

Requested by

Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bc6e815013cc4b87a80ee91f88a31db69082ee38c60774e5bb8e5423ee31b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96922
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 18:24:58 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jun 2024 18:57:16 GMT

GET
H2 206 lewith-freeman-bg.b89d06b8.mp4
cms-cdn.onjax.com/build/media/lewithfreeman/theme5/assets/videos/ 7 MB
0 118ms
117ms Media
video/mp4 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/media/lewithfreeman/theme5/assets/videos/lewith-freeman-bg.b89d06b8.mp4
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.krystal.lewith-freeman.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 15:51:02 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 2257574
x-cache: Hit from cloudfront
Content-Range: bytes 0-7831112/7831113
Content-Length: 7831113
last-modified: Fri, 24 May 2024 21:11:23 GMT
server: nginx
etag: "6651027b-777e49"
vary: Origin
content-type: video/mp4
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: F4TgzyZIdvuyaMyFGHwpspC4su8G1smroISOjzqM09tHNtaE0kdbgQ==
expires: Fri, 30 May 2025 15:51:02 GMT

GET
DATA 200
OK truncated
/ 196 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 889b6b1b3e7c639c0c3f388e0e910b5a33872ed693877d5f449bf71db4035ee6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 191 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 424cb70bb6597d95c9cb418ccc6fc17dc911cc52110076ab23dcdd1cdaac9880

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 listing-alerts-bg-B1SC1vsA.jpg
cms-cdn.onjax.com/build/assets/ 236 KB
237 KB 148ms
143ms Image
image/jpeg 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/assets/listing-alerts-bg-B1SC1vsA.jpg
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/default-Bu4xj6RI.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 0f9226170b7b1e5a6baeebc3977b21c45fea1ad6c2b6fedfb015192066c0b8ff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cms-cdn.onjax.com/build/assets/default-Bu4xj6RI.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 11:55:50 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Mon, 10 Jun 2024 19:52:04 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 1148486
etag: "66675964-3b15e"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 242014
x-amz-cf-id: 4nqYiHiMyojej_HN_dCeaA03BOniRYJG0LD9GPnPXP1rLP-I_f1aaQ==
expires: Thu, 12 Jun 2025 11:55:50 GMT

GET
H2 200 lewith-listings-Ba1Zk-pL.png
cms-cdn.onjax.com/build/assets/ 104 KB
104 KB 148ms
143ms Image
image/png 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms-cdn.onjax.com/build/assets/lewith-listings-Ba1Zk-pL.png
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/default-Bu4xj6RI.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 7735a05a53b1c9e4358e5d8a987a74b47aeb235179eb5f140fed6e2145d50159

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cms-cdn.onjax.com/build/assets/default-Bu4xj6RI.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 17:27:31 GMT
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Fri, 24 May 2024 21:11:09 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 2597385
etag: "6651026d-19f4f"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 106319
x-amz-cf-id: FP31_jKTOki9uYS5XRl2osjHVY0bhDI8S4qd92IkI_zHc3cZnGGwHQ==
expires: Mon, 26 May 2025 17:27:31 GMT

GET
H2 200 fa-solid-900-Bn3u-mvK.woff2
cms-cdn.onjax.com/build/assets/ 342 KB
343 KB 23ms
21ms Font
font/woff2 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/fa-solid-900-Bn3u-mvK.woff2
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/default-Csvh93g8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 9c1249ac344ac2ba5266d08460e9a083aecca1b96b592eafc4a7b4c754e2e928

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cms-cdn.onjax.com/build/assets/default-Csvh93g8.css
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:01:04 GMT
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 5964972
etag: "662002b2-5594c"
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 350540
x-amz-cf-id: q19HuO-MQNjORpV_MfBYxv4xxbymSgwNKczGCY3yu0rEVDlknitSxA==
expires: Thu, 17 Apr 2025 18:01:04 GMT

GET
H2 200 8vIJ7ww63mVu7gt79mT7.woff2
fonts.gstatic.com/s/cinzel/v23/ 24 KB
25 KB 348ms
9ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cinzel/v23/8vIJ7ww63mVu7gt79mT7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cinzel:wght@400..900&family=Mulish:ital,wght@0,200..1000;1,200..1000&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

0d83a0dd25edb1418866b1e72c9b746cf46b96f4dcb5e30ff46f51c05b065f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:43:28 GMT
x-content-type-options: nosniff
age: 15229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25068
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:06:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:43:28 GMT

GET
H2 200 550x550
mlsphotos.onjax.com/scranton-p/e88b2fad/403d1654/4aee62b2/4276a0ee/e8d80d66/0.jpg/t1719245171/ 40 KB
40 KB 119ms
38ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/scranton-p/e88b2fad/403d1654/4aee62b2/4276a0ee/e8d80d66/0.jpg/t1719245171/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 41ee5aa1359a959c5f990ded7a6426fa0f5fc4a4ca0a11d449d77f9a6cc20720

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 14:16:17 GMT
date: Tue, 25 Jun 2024 14:16:17 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jun 2024 16:06:12 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 16859
etag: W/"ec805ceba603400e3fe42960557ce620"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 40939
x-amz-cf-id: gA9LrlP6AKUM1XMcs9CPN6s0d3yAIGlNKSHsHuP7T_rXHHOiI9i5NQ==
x-proxy-cache: HIT

GET
H2 200 50x50
pacdn.onjax.com/agents/lewithfreeman/592h81whL0Q8BCrBvFdMcocDI4mJDjnhlKFgSg6I.jpg/t1/ 2 KB
2 KB 658ms
655ms Image
image/jpeg 18.239.50.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pacdn.onjax.com/agents/lewithfreeman/592h81whL0Q8BCrBvFdMcocDI4mJDjnhlKFgSg6I.jpg/t1/50x50
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-10.ams58.r.cloudfront.net
Software: nginx /
Resource Hash: 906d978f30b80ed0cd78a2593d6487e7ae7d35e64261d6638d686c0f19400bf4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS58-P3
etag: 81435814f926dd1c9e0a1defcf5f9879
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31556926
x-amz-cf-id: 38MWqD0vv42ZcC5YdRvTl2az-HDn8Yb8aK0qa0h0RYEXjy2boGjIzw==
expires: Thu, 26 Jun 2025 00:46:03 GMT

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/2a106239/8052e426/51df6a39/d180d1a9/30b1eab0/0.jpg/t123456789/ 35 KB
35 KB 214ms
134ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/2a106239/8052e426/51df6a39/d180d1a9/30b1eab0/0.jpg/t123456789/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5dd9276051452190f1813b255fed74c8edabca4cee462d0897078457040b485a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 21 Jun 2025 17:10:10 GMT
date: Fri, 21 Jun 2024 17:10:10 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Thu, 18 Apr 2024 13:18:26 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 352026
etag: W/"fa2c1025f9c4ab8c7f6843ecf5f547d0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 35754
x-amz-cf-id: WMo_1lWyKEU11gccQKcd4KLOsfD4n3B5CGN_2gZIU3lebGeTL8jpwQ==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/scranton-p/4504444d/7c5b372d/aded565e/d10d425e/21c81b7c/0.jpg/t1718989044/ 40 KB
40 KB 196ms
116ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/scranton-p/4504444d/7c5b372d/aded565e/d10d425e/21c81b7c/0.jpg/t1718989044/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c026d2a4b443fcd1180aff723e5b12d004b8718eb43ac8bf2e07d21e3e08419d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 21 Jun 2025 17:40:18 GMT
date: Fri, 21 Jun 2024 17:40:18 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jun 2024 20:15:34 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 350218
etag: W/"2748d3a2f56962c859b43ee95bcaf46b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 40522
x-amz-cf-id: 0SymCG4u-D87v2S7tqq19JU9jk7qjlL9fFAJbNOCMGywZHeWB9Eing==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/scranton-p/08554f06/b1c995e7/0bf5a417/4cc5a5d7/0ba2393e/0.jpg/t1718478381/ 57 KB
58 KB 95ms
15ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/scranton-p/08554f06/b1c995e7/0bf5a417/4cc5a5d7/0ba2393e/0.jpg/t1718478381/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 7f2286f1eaca72c2494dd3c9b5676a53fd27afc320b6f92b8669a343d71091c2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 16 Jun 2025 13:43:43 GMT
date: Sun, 16 Jun 2024 13:43:43 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Sat, 15 Jun 2024 04:30:24 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 796413
etag: W/"808e25e4a12e6fa81d5282ae3d2d0998"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 58545
x-amz-cf-id: HZUrdK-3klrWNRotJi1INWH26RnO22pohJKNcwqKISuZGgNcBdFLSA==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/luzerne-p/16a23a90/584b1ec9/5ce3a1b0/f4c620c0/8717e353/0.jpg/t1717097784/ 41 KB
41 KB 117ms
37ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/luzerne-p/16a23a90/584b1ec9/5ce3a1b0/f4c620c0/8717e353/0.jpg/t1717097784/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0c79f35b7da646a9db83275d17d0473ed0efe958a11c0f723b352b32727c481d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 22 Jun 2025 06:25:52 GMT
date: Sat, 22 Jun 2024 06:25:52 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Thu, 30 May 2024 19:36:23 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 304284
etag: W/"d2d78069337f94d83be7bf89c074a88e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 41570
x-amz-cf-id: CmmmT-rH76xRGMa4pX5vgJsJZ6XAF2eYJhuL9IHeLE7sT0LnsfpANQ==
x-proxy-cache: REVALIDATED

GET
H2 200 550x550
mlsphotos.onjax.com/luzerne-p/a8c2c931/19f687cf/5c3f3119/ef00a18c/b153826b/0.jpg/t1718999851/ 47 KB
47 KB 65ms
59ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/luzerne-p/a8c2c931/19f687cf/5c3f3119/ef00a18c/b153826b/0.jpg/t1718999851/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9db9c977f085c13ed50db3fedb6c9a6d597ae7bf936dd67562bde7b6fcefcbf5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 22 Jun 2025 07:51:54 GMT
date: Sat, 22 Jun 2024 07:51:54 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 19:57:29 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 299121
etag: W/"4eb9add49b2b97c849012c9833f7c202"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 48190
x-amz-cf-id: zmoTLoweaP3lZCzdnoqMVHKVfckTe84s5yBN9bLf4gLlBpk8m645SQ==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/luzerne-p/d217f436/516d6c47/573aa07c/baeba95c/5d40b1c6/0.jpg/t1718981142/ 34 KB
35 KB 66ms
61ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/luzerne-p/d217f436/516d6c47/573aa07c/baeba95c/5d40b1c6/0.jpg/t1718981142/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8ddc9a200fcc926c2baa4046c2acc9b2c4f77abb9d75c94567301d13a46d578d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 13:06:26 GMT
date: Tue, 25 Jun 2024 13:06:26 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 14:45:37 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 21050
etag: W/"f90379aa474be7fdd5923a281e791930"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 35136
x-amz-cf-id: FZaFJZCU4MWQXNZjOcmiqFF-XxSTihh1ExMZM38Zi1MiTXz8TF5M8g==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/luzerne-p/8a6f4982/9b796232/f9036f05/b37197e1/bb3ffab7/0.jpg/t1718823819/ 59 KB
60 KB 68ms
64ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/luzerne-p/8a6f4982/9b796232/f9036f05/b37197e1/bb3ffab7/0.jpg/t1718823819/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 62792f13c82c9ef0d09dda1a5c2fdfcc27c6aa191185f8df1b94f4bbbcc4152a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 21 Jun 2025 06:42:52 GMT
date: Fri, 21 Jun 2024 06:42:52 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jun 2024 19:03:34 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 389664
etag: W/"3e7eec4281951780d03ba44ac757b527"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 60539
x-amz-cf-id: SuPT98VB103fFP1OBAVj-pBjBQIFs3wXAYwj6IpVvLVbJp4EGigT4g==
x-proxy-cache: REVALIDATED

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/ec9a3595/069e81cb/17df7bf4/04c6013f/610a0537/0.jpg/t1717978889/ 51 KB
52 KB 575ms
570ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/ec9a3595/069e81cb/17df7bf4/04c6013f/610a0537/0.jpg/t1717978889/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 04a2a0dd6652a24876f90073dede0c6a8f612c7dec72070af85eef62d1018ebc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 18:57:17 GMT
date: Tue, 25 Jun 2024 18:57:17 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 10 Jun 2024 00:21:26 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"072309d2c1c2095b85aee76877f993c7"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 52417
x-amz-cf-id: LM-gJtXUwiipWY-v7UKAurTHHkghEI2cNsWbNPEhEWTISXSwe16xNw==
x-proxy-cache: MISS

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/3f29d1b0/83b5d06c/c621109c/a5317aca/5af1f114/0.jpg/t123456789/ 51 KB
52 KB 439ms
359ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/3f29d1b0/83b5d06c/c621109c/a5317aca/5af1f114/0.jpg/t123456789/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 018fa9bb2197b4fcd46754c8048da0a4f0ef9e08c097a2bdc9cdf1ee3a141ac2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 18:57:17 GMT
date: Tue, 25 Jun 2024 18:57:17 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 22 Apr 2024 15:21:35 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"9465390d33b238e4c5e3eb1036e9462b"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 52270
x-amz-cf-id: sf2u9Od1Pgk70RfyguM2U1CzzsdesMfEBl30b4wQjyN8Y38e71YqCA==
x-proxy-cache: MISS

GET
H2 200 550x550
mlsphotos.onjax.com/scranton-p/83d175b9/370a4720/1f0dd90c/cf45eb24/d4277206/0.jpg/t1718293893/ 52 KB
53 KB 225ms
221ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/scranton-p/83d175b9/370a4720/1f0dd90c/cf45eb24/d4277206/0.jpg/t1718293893/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ae6651a8013d4e5666a38cfed3989312af7d5a3f10bad129673209198772a7f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 18:57:17 GMT
date: Tue, 25 Jun 2024 18:57:17 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Thu, 13 Jun 2024 15:51:34 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"045054f3e9c477ab01ae5c5617c95184"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 53438
x-amz-cf-id: UeEChkqFeS07wB3fYWIKTum11N2xpkcAAe4CBoNizBMFpFikd_8zzg==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/scranton-p/eae10566/1a3f9feb/70dda0f0/8ebd6ee0/d44e6581/0.jpg/t1714568963/ 36 KB
37 KB 453ms
449ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/scranton-p/eae10566/1a3f9feb/70dda0f0/8ebd6ee0/d44e6581/0.jpg/t1714568963/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5ab16ac2f62a5cf9920b2cd5d9aa120e72eda794b68b2fb3baf7d71ab6bd4f1e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 18:57:17 GMT
date: Tue, 25 Jun 2024 18:57:17 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Wed, 01 May 2024 13:09:20 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"e63760fcd38ca4bd3107dfa7ba743397"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 37211
x-amz-cf-id: 5zM8ml-lcIr5AtickNUGxzuIeaapOyigRbQCM2suDEuBnujDTbQcJA==
x-proxy-cache: MISS

GET
H2 200 550x550
mlsphotos.onjax.com/luzerne-p/cb871b73/d2efdd93/8528d7b7/5e4d4260/02a9f358/0.jpg/t123456789/ 40 KB
40 KB 121ms
117ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/luzerne-p/cb871b73/d2efdd93/8528d7b7/5e4d4260/02a9f358/0.jpg/t123456789/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 7ab7c5b614cf1947c4254cb4d46d04dc88340731ed936c7eb792785316242a19

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 11:31:36 GMT
date: Tue, 25 Jun 2024 11:31:36 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Thu, 29 Feb 2024 12:48:15 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 26740
etag: W/"51fc0031ef49b53611f95f2489907225"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 40818
x-amz-cf-id: WQcwR3Tda0wiMPU90vOn0xozfTAZb6ssc76_xWMw9R9aRDqpEuSDkA==
x-proxy-cache: REVALIDATED

GET
H2 200 550x550
mlsphotos.onjax.com/luzerne-p/1e8303fd/4b4764be/df352431/d433a5ab/cd52276e/0.jpg/t1716570741/ 31 KB
32 KB 540ms
536ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/luzerne-p/1e8303fd/4b4764be/df352431/d433a5ab/cd52276e/0.jpg/t1716570741/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 11af3008f1a46526c106e4ae833a073fe92ea9500ed1f4fe1d09c312d9f38026

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 18:57:17 GMT
date: Tue, 25 Jun 2024 18:57:17 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Fri, 24 May 2024 17:12:20 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"45713208c8575a9f7f94b6b773c1f3d7"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 31895
x-amz-cf-id: gjQjD_sIDihCKLNq3HaxEUMsUEy9aMUpL9i5EoW3sMvft3-th3L1EQ==
x-proxy-cache: MISS

GET
H2 200 550x550
mlsphotos.onjax.com/luzerne-p/a9fecb69/48ec98b3/29b3f270/23004b78/7532d9da/0.jpg/t1715191438/ 61 KB
62 KB 760ms
755ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/luzerne-p/a9fecb69/48ec98b3/29b3f270/23004b78/7532d9da/0.jpg/t1715191438/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 91241cdfd5f08d519c80f8395ffc3073ec08b4a3eb4454165434a8af3f57470d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 18:57:17 GMT
date: Tue, 25 Jun 2024 18:57:17 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Wed, 08 May 2024 18:03:42 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"da81c15aad9a6ff44f97adaf9a7047e5"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 62960
x-amz-cf-id: ZA34TATlMdmf5G1WrTRrkre8OsKcYVAsoBEcv3Fn247lXW0Xg7GFSg==
x-proxy-cache: MISS

GET
H2 200 550x550
mlsphotos.onjax.com/luzerne-p/a3e85d97/3c7df981/d2da61c5/bb5e99f0/11663a10/0.jpg/t1719256533/ 64 KB
64 KB 59ms
55ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/luzerne-p/a3e85d97/3c7df981/d2da61c5/bb5e99f0/11663a10/0.jpg/t1719256533/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f5d7e21a15d41ad17eef279dbd39c3793b651a0be46d4609306d029b483787ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 14:08:39 GMT
date: Tue, 25 Jun 2024 14:08:39 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jun 2024 19:15:30 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 17316
etag: W/"26b8370f70eb2a1cd628417fe8e17439"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 65539
x-amz-cf-id: tz4gPipbHYcElaFXm17Zh-yNYnZ5ittoFHay68_dh6QlJEsM-2g-SQ==
x-proxy-cache: REVALIDATED

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/78cb2de4/0f22d26b/531b3912/418a2dfc/fa9cf88d/0.jpg/t1718897441/ 57 KB
57 KB 67ms
62ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/78cb2de4/0f22d26b/531b3912/418a2dfc/fa9cf88d/0.jpg/t1718897441/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e372d2eaaf32789c07296f88cebef9b35e9e6e20faaa46c3d76596fd6d800ce1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 20 Jun 2025 15:45:06 GMT
date: Thu, 20 Jun 2024 15:45:06 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jun 2024 15:30:35 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 443530
etag: W/"c6f09e5bd382fc75db2e30e15f950b9d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 58321
x-amz-cf-id: UywclYApOqwktobkx2mU2rFq6z9hu7q0JWu3-Dhc6mAti_LpLECtfA==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/81d7ec24/fc405121/a931b191/10c25004/c7b392a5/0.jpg/t1719278835/ 53 KB
53 KB 126ms
121ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/81d7ec24/fc405121/a931b191/10c25004/c7b392a5/0.jpg/t1719278835/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 00744c794bafb76f4f20f04c067d5c7aa35f114fd00fe084acb12f36c09c3ab2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 25 Jun 2025 03:48:55 GMT
date: Tue, 25 Jun 2024 03:48:55 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 01:27:15 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 54501
etag: W/"bc8c71a24e9c1ee4df70524111e8235f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 54205
x-amz-cf-id: 3y8kfSlV50TRZLiUDAtVfR3kgpu3tt6ih8jdG9pUH7VpQMli7Pi4XQ==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/e0ba1943/0dcb9e29/75164d2b/8f6bbfad/61a4860c/0.jpg/t1719234744/ 70 KB
70 KB 108ms
103ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/e0ba1943/0dcb9e29/75164d2b/8f6bbfad/61a4860c/0.jpg/t1719234744/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 97bbe3c968cbc7dff9dbf3984f610b11be044174e53dc0efe4ca5c0aa855137c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 24 Jun 2025 14:10:28 GMT
date: Mon, 24 Jun 2024 14:10:28 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jun 2024 13:12:20 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 103608
etag: W/"2d875f807befd671cf0399fd2f97130e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 71204
x-amz-cf-id: w2CC7S3X1gG5alhse0COo2aogTjFl8e7C7ooHWDxaq_RIWKAaekqxA==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/532b58dc/fb4b9349/18c50927/b285e154/f19a3840/0.jpg/t1719011539/ 64 KB
64 KB 111ms
107ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/532b58dc/fb4b9349/18c50927/b285e154/f19a3840/0.jpg/t1719011539/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5cb8629ea970563e09000eb290ef10db1336a174d4a1dc6a286f866a8003b2ed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 22 Jun 2025 00:44:13 GMT
date: Sat, 22 Jun 2024 00:44:13 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 23:12:18 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 324783
etag: W/"07c4259c46df4a8c22300fb667e5d0df"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 65594
x-amz-cf-id: NbClCMpGasm6jCQc9IrG3_EauNNxD1HqoHmiLhjOm3dNfc2uq9Nd3w==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/a1ec9094/ce7b5e05/de2dd07d/9485fe72/55677eef/0.jpg/t1718975356/ 68 KB
68 KB 128ms
124ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/a1ec9094/ce7b5e05/de2dd07d/9485fe72/55677eef/0.jpg/t1718975356/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2a782da3d1a0c3b473bc25ec2b8923008f71b6513f6860dc41ea6f78b6af6ced

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 21 Jun 2025 14:46:01 GMT
date: Fri, 21 Jun 2024 14:46:01 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 13:09:15 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 360675
etag: W/"448f629162856406b6a69a6caf25bffb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 69458
x-amz-cf-id: 2k-rm7pIunJ-C2BtRVvwJqNO76CEHgjFr0Njhe6ZRzFw3VP_S2iQrQ==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/38fb7a15/76d758ba/08901b07/80ba3ffe/7cb42bec/0.jpg/t1718940272/ 47 KB
47 KB 123ms
118ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/38fb7a15/76d758ba/08901b07/80ba3ffe/7cb42bec/0.jpg/t1718940272/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ce6908da713f343ca120631bf7f393fad68eea941885f0b76998de5b1ba5f89d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 21 Jun 2025 04:41:51 GMT
date: Fri, 21 Jun 2024 04:41:51 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 03:24:26 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 396924
etag: W/"74e14ede1a2a4e4217a903c11d9626b8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 47992
x-amz-cf-id: zQb2VLXI1XFukv4f2mCX3AcqheDBggNqnmArcPVSO6gXQduQ_NGDvg==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/c7bc6f8b/d299d789/edf0588e/580d8f53/aee24510/0.jpg/t1718937929/ 49 KB
49 KB 128ms
124ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/c7bc6f8b/d299d789/edf0588e/580d8f53/aee24510/0.jpg/t1718937929/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b4b2a85a0dae0386f9737cdd2d3edcceda15dedf01440f2fcc5546f690b06e25

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 21 Jun 2025 04:41:51 GMT
date: Fri, 21 Jun 2024 04:41:51 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 02:45:26 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 396924
etag: W/"851ed87bed74b225f52e90fdc0fa43af"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 49754
x-amz-cf-id: J9dVgjjpyHy0cCE8c4y9Yx7x1JcKHl7q50zpTOn4GmZLnzGPaP-RHQ==
x-proxy-cache: HIT

GET
H2 200 550x550
mlsphotos.onjax.com/pwmls-p/6fb85adc/37ac1587/da5f8c42/1d9a6b15/bba9bb7c/0.jpg/t1718946744/ 69 KB
70 KB 124ms
120ms Image
image/jpeg 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlsphotos.onjax.com/pwmls-p/6fb85adc/37ac1587/da5f8c42/1d9a6b15/bba9bb7c/0.jpg/t1718946744/550x550
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 406b4927260bc84a97b4141cf22d24c48da36bca2953fceeac76750b2c099016

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 21 Jun 2025 07:55:32 GMT
date: Fri, 21 Jun 2024 07:55:32 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jun 2024 22:27:19 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 385304
etag: W/"e477eeba116128340e96dda5f3cc3f2b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
content-length: 71152
x-amz-cf-id: BQ50CNW8Tpz3Pdm88m9T5kgslUwBjl6SdX5kWHKvypiQgVY_LGrZKQ==
x-proxy-cache: HIT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/923145673/ 43 B
61 B 384ms
45ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923145673/?random=1719341836830&cv=9&fst=1719341836830&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=listing_id%3DREPLACE_WITH_VALUE%3Blisting_pagetype%3DREPLACE_WITH_VALUE%3Blisting_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=https%3A%2F%2Fwww.krystal.lewith-freeman.com%2F&tiba=Lewith%20%26%20Freeman%20Real%20Estate%2C%20Inc%20-%20National%20Strength.%20Local%20Commitment.&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 198ms
100ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 25 Jun 2024 18:57:16 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 445C66DB8C494B4A8E93921E61EE8534 Ref B: FRAEDGE2008 Ref C: 2024-06-25T18:57:16Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 249800532233659 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 186ms
181ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/249800532233659?v=2.9.158&r=stable&domain=www.krystal.lewith-freeman.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c6f93d0a83aad5f8f5848ed3015513078a8b8daf336d0e9dd6f60a61ddd90ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jun 2024 18:57:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=63, mss=1368, tbw=63543, tp=-1, tpl=-1, uplat=171, ullat=0
pragma: public
x-fb-debug: MbcyDhxBat7HJ5ZCws4oWd545o/eVryRmzbEA7p1mxnVaU3I+bWeY2zq16J/DGZxaB0s6ddu/aiWAigBMHMvRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 index-DtGTtwzX.js Show response
cms-cdn.onjax.com/build/assets/ 8 KB
3 KB 25ms
24ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-DtGTtwzX.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 40e9626db077ab351ac517867557a13dd4ae92586a5687630c1da3d87c7ba86f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:44:35 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 3028361
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 17:26:04 GMT
server: nginx
etag: W/"664cd92c-1e61"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: A49Cfu9OBx3qmfXd0W9tDH6HlihsjOxVxDfOPJ4a5rkR8hspad8SnQ==
expires: Wed, 21 May 2025 17:44:35 GMT

GET
H2 200 _plugin-vue2_normalizer-Dl2RXJm2.js Show response
cms-cdn.onjax.com/build/assets/ 91 KB
34 KB 53ms
52ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/_plugin-vue2_normalizer-Dl2RXJm2.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 2e9998ecb582ce866f788e49bb999afa39c5bfefa9b50604b6a6d8b954764f63

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:43 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880813
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-16d0f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: s1OVrM7lUqNbBnkiB6ke8kwyvHThFQlGJBbs2VcjWnqjJSdyPTL7UA==
expires: Fri, 18 Apr 2025 17:23:43 GMT

GET
H2 200 index-DMPBqk-z.js Show response
cms-cdn.onjax.com/build/assets/ 463 B
710 B 28ms
27ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-DMPBqk-z.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: bfe4cbef099b5ecc703dff0c18c137e4bd3ccee71183e75a74fb630d411c5514

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:23:23 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5967233
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
etag: W/"662002b2-1cf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: chWJnehSI-mUZDDzrXylLf3e93MlIeOZ8Ch29cXZhDtqRTC94l6fVQ==
expires: Thu, 17 Apr 2025 17:23:23 GMT

GET
H2 200 listing-search-criteria-DXgX8p3e.js Show response
cms-cdn.onjax.com/build/assets/ 315 KB
89 KB 49ms
48ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/listing-search-criteria-DXgX8p3e.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 454681212b2e345641eb7f896241b819e0ecf5e05e0523267c98c76bd0f15557

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:44:35 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 3028360
x-cache: Hit from cloudfront
last-modified: Tue, 21 May 2024 17:26:04 GMT
server: nginx
etag: W/"664cd92c-4ea8b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: pRMNXipSS5oqfx5yBFjPRUGjd2xu7Apy7M5MssgWGjA5m0RDkN_pLQ==
expires: Wed, 21 May 2025 17:44:35 GMT

GET
H2 200 index-2RUdzJZw.js Show response
cms-cdn.onjax.com/build/assets/ 2 KB
1 KB 48ms
47ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-2RUdzJZw.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 35cc39d4ca688292d485815cdd27f68df511bc46508235acedf4f84b471e4278

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:44 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880812
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-690"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: EubWDYLD07IrcuzSh028-q9-a5OPD9XXfNt7T60JRsOyMUhMp0MV3w==
expires: Fri, 18 Apr 2025 17:23:44 GMT

GET
H2 200 en-US-DNwSpqqj.js Show response
cms-cdn.onjax.com/build/assets/ 8 KB
3 KB 52ms
49ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/en-US-DNwSpqqj.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: eedd826ab959d4c9da06dcc0812a5f35c9a87558212910d486a8110ecd152361

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:44 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880812
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-2075"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: TZMEHhqIjTt4S779PY-LYkm8IrIhIs3K45v0Ampd6BrMrWUiE4dFeQ==
expires: Fri, 18 Apr 2025 17:23:44 GMT

GET
H2 200 constructFrom-rJN6zrQ_.js Show response
cms-cdn.onjax.com/build/assets/ 352 B
647 B 53ms
50ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/constructFrom-rJN6zrQ_.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 271fdcd5d0fbecd85e768b77827f5647a7bd116fb699ce963a90e7788a9fcdf3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:23:21 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5967235
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
etag: W/"662002b2-160"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: XqyVxSfr1UffCD-bQojrIU8nPBdPd4f-DC3dZn9MqEOiulLD1sUotw==
expires: Thu, 17 Apr 2025 17:23:21 GMT

GET
H2 200 filters-DrNXhWRZ.js Show response
cms-cdn.onjax.com/build/assets/ 633 B
754 B 53ms
51ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/filters-DrNXhWRZ.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: d2be9da0eaba7c7fc5725fe09de742eb06cabfdc1e1046f24c82ab5fc17ced06

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:44 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880812
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-279"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: -OZp5DCx0yA1e9ABk1nV-JeHDJYMtSAhA2-CX0_4AxPgvj2KtH7kJg==
expires: Fri, 18 Apr 2025 17:23:44 GMT

GET
H2 200 index-DBGkHwy2.js Show response
cms-cdn.onjax.com/build/assets/ 605 B
779 B 53ms
51ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-DBGkHwy2.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: fe53937f95c26c5c69807821fdfb18520f9d7893e0ae88ba4c1786aba54dd6f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:44 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880812
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-25d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: ytL4bnV-gJzC0tGOBTeinz-w-OjeNc6TqefidBjy3-utpP6i7byzpg==
expires: Fri, 18 Apr 2025 17:23:44 GMT

GET
H2 200 index-DYXFZuqr.js Show response
cms-cdn.onjax.com/build/assets/ 6 KB
3 KB 54ms
52ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-DYXFZuqr.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: cbc2f9d5867c3b1fa94a73a4c1c2cab84eaa4017106411eb78836345314e92d4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:23:25 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5967231
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
etag: W/"662002b2-1684"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: ni2pBo0kL9Kq_d7Oayhvn0fV-OKZe7CinRI2RDlCI8J1eenbEVNYyQ==
expires: Thu, 17 Apr 2025 17:23:25 GMT

GET
H2 200 LoadingElement-cs1n9Uv4.js Show response
cms-cdn.onjax.com/build/assets/ 457 B
739 B 55ms
53ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/LoadingElement-cs1n9Uv4.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 1f5bae015fb8e3968ca4362ecec795c1981e36b3d96d3d779c7aa774c8cdffd5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:44 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880812
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-1c9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: lbkTzaLWek47v76PBluJeMpzxh6zzvSFQ7pO5qEV-kAhvXObSlKNmw==
expires: Fri, 18 Apr 2025 17:23:44 GMT

GET
H2 200 addMonths-BEvST61r.js Show response
cms-cdn.onjax.com/build/assets/ 297 B
658 B 56ms
55ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/addMonths-BEvST61r.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 4b47d420b558ec21ee4b826185f9545cba694dc273476d4056b2c44ae9c0121a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:23:44 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5880812
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
etag: W/"662018e6-129"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: 9xEBc59e60b6H3zIvBUFMjrifYAeApzdqoQTpel7_4chsqcyBUBYrg==
expires: Fri, 18 Apr 2025 17:23:44 GMT

GET
H2 200 listing-search-criteria-BdO7OlQE.css
cms-cdn.onjax.com/build/assets/ 47 KB
9 KB 73ms
72ms Stylesheet
text/css 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/listing-search-criteria-BdO7OlQE.css
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 82419abfbbf3422d6415d35c35aaba16b69f7d4b8ec44443e283e623c172cec1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 17:28:20 GMT
content-encoding: gzip
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Wed, 17 Apr 2024 18:45:58 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 5880536
etag: W/"662018e6-bde8"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: GEWOt-OPN69YaNoVDH-Qk2lojxqR1sHXX3cVkQVnTCkP6FRq-MTZlw==
expires: Fri, 18 Apr 2025 17:28:20 GMT

GET
H2 200 index-Dg2kIGMr.js Show response
cms-cdn.onjax.com/build/assets/ 678 B
877 B 55ms
54ms Script
application/javascript 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-Dg2kIGMr.js
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 9631455c02d37fbf8ad61aba21d7d2529626b9deef0d71338a133fa17a78c1fd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://www.krystal.lewith-freeman.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:23:21 GMT
content-encoding: gzip
via: 1.1 b4f99b67248205879b34cb6436fcbd88.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-P1
age: 5967235
x-cache: Hit from cloudfront
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
etag: W/"662002b2-2a6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-amz-cf-id: EyyEXhK38gWDQv3Y8qXyAAdN0LAu8Pyh4SSyDlx9ChB4Vh4PeVL2pw==
expires: Thu, 17 Apr 2025 17:23:21 GMT

GET
H2 200 index-DtTTDSzO.css
cms-cdn.onjax.com/build/assets/ 969 B
853 B 71ms
70ms Stylesheet
text/css 108.138.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-cdn.onjax.com/build/assets/index-DtTTDSzO.css
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/preload-helper-C-xhxAo8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.192.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-192-117.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 6bde75e630b4f64113316a947ce7634e13a665634c3d7734ea7c84447896b2b4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 17:27:25 GMT
content-encoding: gzip
via: 1.1 e16530c495b031b8d9b90de25e214284.cloudfront.net (CloudFront)
last-modified: Wed, 17 Apr 2024 17:11:14 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 5966991
etag: W/"662002b2-3c9"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: xVUvTq3m_PYPYcp3z0ouWZjpUeCTkoMNA0oE7HwO7G_F8wW21HYg9g==
expires: Thu, 17 Apr 2025 17:27:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 334 KB
109 KB 44ms
41ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EWZ04HM5J6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-923145673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d07116f94abd93216372323d489ced7436194d734cd1d946a6e1f7594c954ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jun 2024 18:57:17 GMT

GET
H/1.1 200
OK map.png
paimg.onjax.com/officemap/fae42d/-75.699763,41.492941,10/150x150/ 19 KB
20 KB 109ms
17ms Image
image/png 13.32.121.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paimg.onjax.com/officemap/fae42d/-75.699763,41.492941,10/150x150/map.png
Requested by: Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-18.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 01c18abd76c8b6e2c5dbacb1e91246610a1bff22fe984e8d4d6744a9477b07ad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 15:14:27 GMT
Via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA60-P1
Age: 186170
ETag: c464bd4ae69b046e07fb0c635a889c5c
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
X-Amz-Cf-Id: U6rIAyMfdp7H47Txs9mIo76ztFfG9JlbXdVMY6Xc5-hI0-X5BfHWuw==
Expires: Sun, 30 Jun 2024 15:14:27 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-701576759&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP9QMLM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

232efc3c9bd966d9435942937fe41027afd5716bc0cd1c8d64e154feaeb0e026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84024
x-xss-protection: 0
last-modified: Tue, 25 Jun 2024 18:24:58 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jun 2024 18:57:17 GMT

GET
H2 204 5667201.js Show response
bat.bing.com/p/action/ 0
117 B 108ms
104ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5667201.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 25 Jun 2024 18:57:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 484B63EEA04F4EC49D037E40BA9FE894 Ref B: FRAEDGE2008 Ref C: 2024-06-25T18:57:17Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
359 B 111ms
110ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5667201&Ver=2&mid=b74d3e3b-e473-4636-91f4-997e700d06bb&sid=be09d110332411ef88130fc55009049a&vid=be0cef40332411ef93c793af8b058b2c&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Lewith%20%26%20Freeman%20Real%20Estate,%20Inc%20-%20National%20Strength.%20Local%20Commitment.&p=https%3A%2F%2Fwww.krystal.lewith-freeman.com%2F&r=&lt=1831&evt=pageLoad&sv=1&rn=988340

Requested by

Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jun 2024 18:57:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 176F0E9506B145829D1515CF98A648B3 Ref B: FRAEDGE2008 Ref C: 2024-06-25T18:57:17Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 56ms
9ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=249800532233659&ev=PageView&dl=https%3A%2F%2Fwww.krystal.lewith-freeman.com%2F&rl=&if=false&ts=1719341837232&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719341837227.288696696748057012&cs_est=true&ler=empty&cdl=API_unavailable&it=1719341836867&coo=false&rqm=GET

Requested by

Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jun 2024 18:57:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 209ms
162ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=249800532233659&ev=PageView&dl=https%3A%2F%2Fwww.krystal.lewith-freeman.com%2F&rl=&if=false&ts=1719341837232&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1719341837227.288696696748057012&cs_est=true&ler=empty&cdl=API_unavailable&it=1719341836867&coo=false&rqm=FGET

Requested by

Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x66cc2b9f65759271","source_keys":["1","2"]},{"key_piece":"0x726b17f544d7a04b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 25 Jun 2024 18:57:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7384516961689681745", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=15, mss=1368, tbw=3129, tp=-1, tpl=-1, uplat=145, ullat=0
pragma: no-cache
x-fb-debug: Itmuywyi2feXMDV2T/SYy7lC0jxT41Fw0L6p6cpFpdARSlK+vinakXbiPp1w+Y5gwu20YMV/4z7NH9V8cGuOgw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7384516961689681745"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 737 KB
237 KB 116ms
74ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=drawing%2Cmarker&key=AIzaSyDGEnYrQ11f2KIxBPOBMg5h-GP6jvAmOcE&v=beta&callback=google.maps.__ib__

Requested by

Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/index-DYXFZuqr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

62956dca6bd8a9ef748acca05beecaa8fdc05c8658ea3f9b3bf1277451f00bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 242164
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 44ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EWZ04HM5J6&gtm=45je46j0h1v895758471z8810717137za200&_p=1719341836675&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=949376580.1719341837&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1719341837&sct=1&seg=0&dl=https%3A%2F%2Fwww.krystal.lewith-freeman.com%2F&dt=Lewith%20%26%20Freeman%20Real%20Estate%2C%20Inc%20-%20National%20Strength.%20Local%20Commitment.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2198&_z=fetch
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/index-BG6hxZbC.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.krystal.lewith-freeman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 99ms
38ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EWZ04HM5J6&cid=949376580.1719341837&gtm=45je46j0h1v895758471z8810717137za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EWZ04HM5J6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.krystal.lewith-freeman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 375ms
49ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EWZ04HM5J6&cid=949376580.1719341837&gtm=45je46j0h1v895758471z8810717137za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=205486963

Requested by

Host: www.krystal.lewith-freeman.com
URL: https://www.krystal.lewith-freeman.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
238 B 316ms
16ms XHR
application/json 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/index-BG6hxZbC.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.krystal.lewith-freeman.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 p Show response
i.simpli.fi/ 798 B
758 B 30ms
14ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=215561&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/59ff1760-7f02-0137-6114-067f653fa718
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 6bd5d5c3ad1b4c63279005b417cf4f97df5294bdfd7bbe4cdbfc59289cd0b1b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:17 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 favicon.775abd5a.ico
www.krystal.lewith-freeman.com/build/img/lewithfreeman/theme5/assets/images/ 4 KB
2 KB 105ms
104ms Other
image/x-icon 52.23.102.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.krystal.lewith-freeman.com/build/img/lewithfreeman/theme5/assets/images/favicon.775abd5a.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.23.102.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-102-130.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 58e041f7167e19763d848e5c6021afe211cd534a721f316087853699e2484b5f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 16:17:50 GMT
server: nginx
etag: W/"667aedae-10be"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=604800
expires: Tue, 02 Jul 2024 18:57:17 GMT

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F365F8FA90084F97892223B2DD30C8E2

0
240 B

78ms
30ms

Image
text/plain

2600:9000:211e:c600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F365F8FA90084F97892223B2DD30C8E2
Protocol: H2
Server: 2600:9000:211e:c600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
cache-control: no-cache, must-revalidate
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: z1YF-LS-k9oSNyJZjbZlZcWAN3qsR0bkMZGqS6vCkZj7wXENWBCmcQ==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=F365F8FA90084F97892223B2DD30C8E2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2

200

RX-c958873e-08d0-4035-a903-3ed6c2552962-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/F365F8FA90084F97892223B2DD30C8E2
https://sync.1rx.io/usersync/simplifi/F365F8FA90084F97892223B2DD30C8E2?zcc=1&cb=1719341838224
https://sync.targeting.unrulymedia.com/csync/RX-c958873e-08d0-4035-a903-3ed6c2552962-003

43 B
378 B

1068ms
13ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-c958873e-08d0-4035-a903-3ed6c2552962-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 18:57:19 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-c958873e-08d0-4035-a903-3ed6c2552962-003
pragma: no-cache
date: Tue, 25 Jun 2024 18:57:18 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=F365F8FA90084F97892223B2DD30C8E2&dongle=yf3

37 B
140 B

62ms
18ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=F365F8FA90084F97892223B2DD30C8E2&dongle=yf3
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=F365F8FA90084F97892223B2DD30C8E2&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=F365F8FA90084F97892223B2DD30C8E2

43 B
175 B

971ms
92ms

Image
image/gif

35.169.21.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=F365F8FA90084F97892223B2DD30C8E2
Protocol: H2
Server: 35.169.21.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-21-146.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 25 Jun 2024 18:57:18 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=F365F8FA90084F97892223B2DD30C8E2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=F365F8FA90084F97892223B2DD30C8E2
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F365F8FA90084F97892223B2DD30C8E2

95 B
436 B

20ms
19ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F365F8FA90084F97892223B2DD30C8E2

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 18:57:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 25 Jun 2024 18:57:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F365F8FA90084F97892223B2DD30C8E2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=F365F8FA90084F97892223B2DD30C8E2
https://d.agkn.com/pixel/10751/?che=1719341838038&ip=146.70.117.101&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219903204924004199210
https://um.simpli.fi/aa_px?sk=219903204924004199210
https://um.simpli.fi/empty.gif

43 B
361 B

25ms
25ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 18:57:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Tue, 25 Jun 2024 18:57:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F365F8FA90084F97892223B2DD30C8E2

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 17ms
15ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 18ms
16ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58726/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=F365F8FA90084F97892223B2DD30C8E2;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=F365F8FA90084F97892223B2DD30C8E2;mimetype=img;sr
https://cms.analytics.yahoo.com/cms?partner_id=DATCS
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

0
87 B

138ms
128ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 18:57:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.121
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
date: Tue, 25 Jun 2024 18:57:18 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.121
content-length: 344
content-language: en

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=F365F8FA90084F97892223B2DD30C8E2&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=F365F8FA90084F97892223B2DD30C8E2&j=0&xl8blockcheck=1

0
771 B

40ms
40ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=F365F8FA90084F97892223B2DD30C8E2&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 18:57:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 25 Jun 2024 18:57:18 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=F365F8FA90084F97892223B2DD30C8E2&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 19ms
17ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=F365F8FA90084F97892223B2DD30C8E2

0
421 B

424ms
100ms

Image
text/plain

52.207.188.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=F365F8FA90084F97892223B2DD30C8E2
Protocol: HTTP/1.1
Server: 52.207.188.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-188-107.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 25 Jun 2024 18:57:18 GMT

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=F365F8FA90084F97892223B2DD30C8E2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=F365F8FA90084F97892223B2DD30C8E2

62 B
479 B

237ms
167ms

Image
image/gif

72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=F365F8FA90084F97892223B2DD30C8E2
Protocol: H2
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 25 Jun 2024 18:57:18 GMT
content-length: 62
x-request-id: 6f7dd1ee2cfa338aeaa32b95a6e7c111
content-type: image/gif

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=F365F8FA90084F97892223B2DD30C8E2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2

404

tpid=F365F8FA90084F97892223B2DD30C8E2
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F365F8FA90084F97892223B2DD30C8E2

49 B
265 B

382ms
35ms

Image
image/gif

52.49.45.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F365F8FA90084F97892223B2DD30C8E2
Protocol: H2
Server: 52.49.45.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-45-15.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:18 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.98
content-length: 49
expires: 0

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F365F8FA90084F97892223B2DD30C8E2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=F365F8FA90084F97892223B2DD30C8E2

0
223 B

149ms
32ms

Image
text/plain

52.211.128.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=F365F8FA90084F97892223B2DD30C8E2
Protocol: H2
Server: 52.211.128.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-128-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
pragma: no-cache
date: Tue, 25 Jun 2024 18:57:18 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=F365F8FA90084F97892223B2DD30C8E2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=F365F8FA90084F97892223B2DD30C8E2

0
98 B

89ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=F365F8FA90084F97892223B2DD30C8E2
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 25 Jun 2024 18:57:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=F365F8FA90084F97892223B2DD30C8E2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1719341837837&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1571505124&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1571505124&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1571505124&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5w...

42 B
64 B

32ms
31ms

Image
image/gif

142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1571505124&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_sr6u7f3hgMV9UYeAh28BwycMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vd3d3LmtyeXN0YWwubGV3aXRoLWZyZWVtYW4uY29tLw&is_vtc=1&cid=CAQSKQDaQooLPc8NrwpNbJdrjanlgz7llbzs_gACDk-tIYckT8de9EdCLSRh&random=2142948841&ipr=y

Protocol

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1571505124&cv=7&fst=1719341837837&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI_sr6u7f3hgMV9UYeAh28BwycMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6J2h0dHBzOi8vd3d3LmtyeXN0YWwubGV3aXRoLWZyZWVtYW4uY29tLw&is_vtc=1&cid=CAQSKQDaQooLPc8NrwpNbJdrjanlgz7llbzs_gACDk-tIYckT8de9EdCLSRh&random=2142948841&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 26ms
24ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=F365F8FA90084F97892223B2DD30C8E2
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF365F8FA90084F97892223B2DD30C8E2

43 B
1 KB

36ms
35ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF365F8FA90084F97892223B2DD30C8E2

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:18 GMT
an-x-request-uuid: a51cab63-cd4f-4de0-a1f7-a62579fae39a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.117.101; 146.70.117.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:18 GMT
an-x-request-uuid: 0544f673-f9b4-46db-b0cb-5a57d498f5dd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF365F8FA90084F97892223B2DD30C8E2
cache-control: no-store, no-cache, private
x-proxy-origin: 146.70.117.101; 146.70.117.101; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F365F8FA90084F97892223B2DD30C8E2&expires=365

0
239 B

82ms
12ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F365F8FA90084F97892223B2DD30C8E2&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F365F8FA90084F97892223B2DD30C8E2&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=F365F8FA90084F97892223B2DD30C8E2

43 B
264 B

3433ms
23ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=F365F8FA90084F97892223B2DD30C8E2
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.krystal.lewith-freeman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 25 Jun 2024 18:57:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=F365F8FA90084F97892223B2DD30C8E2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Jun 2024 18:57:17 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 54ms
19ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.krystal.lewith-freeman.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 25 Jun 2024 18:57:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 oa Show response
www.krystal.lewith-freeman.com/ 2 B
907 B 159ms
159ms XHR
application/json 52.23.102.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.krystal.lewith-freeman.com/oa
Requested by: Host: cms-cdn.onjax.com
URL: https://cms-cdn.onjax.com/build/assets/index-BG6hxZbC.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.23.102.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-102-130.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-Token: IqwvTeVu7mtcPgJEfqLjxxFiX2ybTzdj83TYuxS0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.krystal.lewith-freeman.com/
sec-ch-ua-platform: "Win32"

Response headers

content-type: application/json; charset=utf-8
date: Tue, 25 Jun 2024 18:57:21 GMT
cache-control: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding
expires: Tue, 25 Jun 2024 18:57:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d2twz9av6or5hk.cloudfront.net
URL: https://d2twz9av6or5hk.cloudfront.net/1.6/adally.js

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F365F8FA90084F97892223B2DD30C8E2

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lewith-freeman.com/	1970-01-20 23:45:17	Name: _gcl_au Value: 1.1.903644786.1719341837
.simpli.fi/	1970-01-21 06:22:44	Name: suid Value: F365F8FA90084F97892223B2DD30C8E2
.lewith-freeman.com/	1970-01-20 21:37:08	Name: _uetsid Value: be09d110332411ef88130fc55009049a
.lewith-freeman.com/	1970-01-21 06:57:17	Name: _uetvid Value: be0cef40332411ef93c793af8b058b2c
.lewith-freeman.com/	1970-01-20 23:45:17	Name: _fbp Value: fb.1.1719341837227.288696696748057012
.bing.com/	1970-01-21 06:57:17	Name: MUID Value: 01806F1359966B5537747BBA58446A38
.bat.bing.com/	1970-01-20 21:45:46	Name: MR Value: 0
.lewith-freeman.com/	1970-01-21 07:11:41	Name: _ga_EWZ04HM5J6 Value: GS1.1.1719341837.1.0.1719341837.60.0.0
.lewith-freeman.com/	1970-01-21 07:11:41	Name: _ga Value: GA1.1.949376580.1719341837
.simpli.fi/	1970-01-20 21:45:46	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-21 06:57:17	Name: IDE Value: AHWqTUkZMe0bWPYGlZugdSwnRELic6jhk2AyaDl9agTeJexiHyMlBhUnmyC4hm43
.adnxs.com/	1970-01-20 23:45:17	Name: XANDR_PANID Value: AAQ3ZGfcPtyfemBlL4jcouzSa8WAl0VVXqZdP82XgnJYn8CORPdckWApcTqOjRkfRbf9t-w2SK9AXMVlEH7RRD49eVk-pFiRY6XzkTAZsRw.
.adnxs.com/	1970-01-21 07:11:41	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:45:17	Name: uuid2 Value: 1994374056717459493
.agkn.com/	1970-01-21 06:21:17	Name: ab Value: 0001%3ATadGRKgcUwLxRUfSJ7V%2FNIDpCILMlOSy
.pro-market.net/	1970-01-21 01:54:53	Name: anProfile Value: "g9et1xzprtwz+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800200272000000000000002E+s2=(sfngni)+vm=24-F365F8FA90084F97892223B2DD30C8E2"
.pro-market.net/	1970-01-20 22:18:53	Name: anHistory Value: "g9et1xzprtwz+2+!#7')#}#DAy"
.adnxs.com/	1970-01-20 23:45:17	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2C%yge4iN!]tbPl1N!7OnM$=BWr-glfsWh0fyXcw#':igQckfR5LXfnQLCk^L4[jS_CSkul9((j#iP(Md+>)fyRhpT7:
.exelator.com/	1970-01-21 00:28:29	Name: EE Value: "fcf05d879e0193697ca8af7c28280862"
.exelator.com/	1970-01-21 00:28:29	Name: ud Value: "eJxrXxzq6XKLQSEtOc3ANMXC3DLVwNDS2MzSPDnRIjHNPNnIwsjCwMLMaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIbEl%252BUWb6IhfXxUUpaQyLSopPBZ%252FQSAQAkGMpoA%253D%253D"
.bluekai.com/	1970-01-21 01:59:13	Name: bku Value: blx999TEKtR+wx/z
.bluekai.com/	1970-01-21 01:59:13	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDRpBMPsmWjOmE9ymeHsmEzTmE/01MBY1AHW1pOemWD09y9GDyrD
.1rx.io/	1970-01-21 06:21:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-c958873e-08d0-4035-a903-3ed6c2552962-003%22%7D
.agkn.com/	1970-01-21 06:21:17	Name: u Value: C\|0AAAAAAAALg3PjgAAAAAA
.bfmio.com/	1970-01-21 06:21:17	Name: __141_cid Value: F365F8FA90084F97892223B2DD30C8E2
.bfmio.com/	1970-01-21 06:21:17	Name: __io_cid Value: f152ae32d0340ecb0555734249eebd8fe6bc3519
.tapad.com/	1970-01-20 23:02:05	Name: TapAd_TS Value: 1719341838982
.tapad.com/	1970-01-20 23:02:05	Name: TapAd_DID Value: 67017e5b-14b1-42ce-a9b0-7c4f3efac79d
.tapad.com/	1970-01-20 23:02:05	Name: TapAd_3WAY_SYNCS Value:
.targeting.unrulymedia.com/	1970-01-21 06:21:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-c958873e-08d0-4035-a903-3ed6c2552962-003%22%7D
www.krystal.lewith-freeman.com/	1970-01-20 21:45:46	Name: XSRF-TOKEN Value: eyJpdiI6IkJ1T09aYTJxUVp3SjFzUVA0VUpGblE9PSIsInZhbHVlIjoibUg4cEVocmpjVlJxL1ZtOW5HOG5CQ2VzU3BYcTlGYUo3MDdTZEJ6bXloRDE3cDJ6S0N5NlFOUmdJYkNoMWRzNGdOSVZHL043TTlJK1dXUlkvQ1ozNzlNRCtEdmNmQWIwWW96MlNQdG1VU1pTSGRBNHRsS2d4ZUozTWdwdlNHSW0iLCJtYWMiOiJmZTM2OWE0ZmRlMmQ3YjE2OWZjZTFkZGMxMWYyOTkxNzExYzYyNDY4YjYzNThiZTA3NDU0ZTRiYjhiODJmOGM2IiwidGFnIjoiIn0%3D
www.krystal.lewith-freeman.com/	1970-01-20 21:45:46	Name: onjax_cs_session Value: eyJpdiI6Im15MGwwUDEvdGZXNzJ5QTB3aDZTMXc9PSIsInZhbHVlIjoiZ3NVVFFURHNFWUk5VEdEdGdqclNaZ0pOTWFnZkNVY2lnak5CS2Z3dlZVaDFvVVZXK0NtZE9RUFY0NkJxUzhqZU5OeG1MZi9xN0swSi8zRjFKR3k0YUlJU3Biek14dkUrbDBEQ1NQZ21uN1FMbzVRRlNwUlhXQXk5dnlrUll4T1EiLCJtYWMiOiJkZjEyMjZiYWQwYmE0NGE2NDAxODA1Y2Y5YmJmYjk0NTMzOTc2YjI3NjAwYmM3ZTU1N2QzMWQxOWJhZGEyZTRlIiwidGFnIjoiIn0%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d2twz9av6or5hk.cloudfront.net/1.6/adally.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=F365F8FA90084F97892223B2DD30C8E2 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F365F8FA90084F97892223B2DD30C8E2 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
bat.bing.com
bcp.crwdcntrl.net
ce.lijit.com
cm.g.doubleclick.net
cms-cdn.onjax.com
cms.analytics.yahoo.com
connect.facebook.net
d.agkn.com
d2twz9av6or5hk.cloudfront.net
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
krystal.lewith-freeman.com
loadm.exelator.com
maps.googleapis.com
mlsphotos.onjax.com
pacdn.onjax.com
paimg.onjax.com
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.krystal.lewith-freeman.com
d2twz9av6or5hk.cloudfront.net
sync.intentiq.com
108.138.192.117
13.32.121.18
142.250.181.226
142.250.185.132
142.250.185.99
142.250.186.162
142.250.186.67
172.217.18.10
18.239.50.10
185.89.210.153
2001:4860:4802:32::36
216.58.206.34
2600:1901:0:8eee::
2600:9000:211e:c600:1b:5138:8a40:93a1
2620:1ec:c11::237
2a00:1450:4001:810::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.71.149.231
3.73.54.118
34.111.113.62
34.254.143.3
34.91.62.186
35.169.21.146
35.204.89.238
35.244.159.8
35.244.174.68
46.228.174.117
52.207.188.107
52.211.128.173
52.215.143.111
52.23.102.130
52.49.45.15
65.9.66.64
69.173.144.165
72.246.169.24
76.223.111.18
00744c794bafb76f4f20f04c067d5c7aa35f114fd00fe084acb12f36c09c3ab2
018fa9bb2197b4fcd46754c8048da0a4f0ef9e08c097a2bdc9cdf1ee3a141ac2
01c18abd76c8b6e2c5dbacb1e91246610a1bff22fe984e8d4d6744a9477b07ad
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
04a2a0dd6652a24876f90073dede0c6a8f612c7dec72070af85eef62d1018ebc
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c79f35b7da646a9db83275d17d0473ed0efe958a11c0f723b352b32727c481d
0d83a0dd25edb1418866b1e72c9b746cf46b96f4dcb5e30ff46f51c05b065f3d
0f9226170b7b1e5a6baeebc3977b21c45fea1ad6c2b6fedfb015192066c0b8ff
1028277ea73be80e94a8736b87cc17d4446d5a074d41598fb472d925e3e80e38
11af3008f1a46526c106e4ae833a073fe92ea9500ed1f4fe1d09c312d9f38026
17eadbed5f53fd59ed8d8d6ac1e77fba00c11ca85f840a497059d6786c4ee9b0
1f5bae015fb8e3968ca4362ecec795c1981e36b3d96d3d779c7aa774c8cdffd5
22d62aeedad2b0e1e8d41c67d19dffccb52c8721d03c3ff95cb6e51871f78770
232efc3c9bd966d9435942937fe41027afd5716bc0cd1c8d64e154feaeb0e026
271fdcd5d0fbecd85e768b77827f5647a7bd116fb699ce963a90e7788a9fcdf3
2a782da3d1a0c3b473bc25ec2b8923008f71b6513f6860dc41ea6f78b6af6ced
2c0ad980fe03aa200f14823542f4a6378b51e44848d598e5c93139d916a0a164
2e9998ecb582ce866f788e49bb999afa39c5bfefa9b50604b6a6d8b954764f63
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
35b0e0effde9824fece5de54355440a5476b171eed66b370f025fda768d4088c
35cc39d4ca688292d485815cdd27f68df511bc46508235acedf4f84b471e4278
3c6f93d0a83aad5f8f5848ed3015513078a8b8daf336d0e9dd6f60a61ddd90ef
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
406b4927260bc84a97b4141cf22d24c48da36bca2953fceeac76750b2c099016
40e9626db077ab351ac517867557a13dd4ae92586a5687630c1da3d87c7ba86f
41ee5aa1359a959c5f990ded7a6426fa0f5fc4a4ca0a11d449d77f9a6cc20720
424cb70bb6597d95c9cb418ccc6fc17dc911cc52110076ab23dcdd1cdaac9880
454681212b2e345641eb7f896241b819e0ecf5e05e0523267c98c76bd0f15557
4b47d420b558ec21ee4b826185f9545cba694dc273476d4056b2c44ae9c0121a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
58e041f7167e19763d848e5c6021afe211cd534a721f316087853699e2484b5f
5ab16ac2f62a5cf9920b2cd5d9aa120e72eda794b68b2fb3baf7d71ab6bd4f1e
5c5d49d93446231868b99d462759327fa7b43da211b6a059edf4eac2914c2f42
5cb8629ea970563e09000eb290ef10db1336a174d4a1dc6a286f866a8003b2ed
5ce071a330aa7551466e2bb532d8206721dd1c702a870136773d1e9efd2a14a3
5d07116f94abd93216372323d489ced7436194d734cd1d946a6e1f7594c954ff
5dd9276051452190f1813b255fed74c8edabca4cee462d0897078457040b485a
5e4e914fbace0ec1f2dce6b85bf74ffee968bcf22ebbb9e73bfa250ae4524305
60ae349edc863ac208bc14d13c276c11de8005730e571118d3ac497fe51c3e1e
62792f13c82c9ef0d09dda1a5c2fdfcc27c6aa191185f8df1b94f4bbbcc4152a
62956dca6bd8a9ef748acca05beecaa8fdc05c8658ea3f9b3bf1277451f00bda
68cceaabdc6137248d2f78fc64b7ec41ed67dea9355fa61dd45fb7bf0fd002b0
6bc6e815013cc4b87a80ee91f88a31db69082ee38c60774e5bb8e5423ee31b5b
6bd5d5c3ad1b4c63279005b417cf4f97df5294bdfd7bbe4cdbfc59289cd0b1b2
6bde75e630b4f64113316a947ce7634e13a665634c3d7734ea7c84447896b2b4
6c9ed68d8f1a2a92bfbad2bb125fc3d5c7e147aca9f66dd9eabaa0c06e4106f5
6d3bfbc318b13dc1f2ab090f7d69289bb156709d7a28203799195a92f82a7d12
6f67cfd46f61bff4f487dda6b3ec7763aa4dce2cebb9db140a558cbf0550b26e
70cd2c112a8f4e9538a5a0846bf8a679f2bedfc0d17ad5e5870108dbcc785ce3
7735a05a53b1c9e4358e5d8a987a74b47aeb235179eb5f140fed6e2145d50159
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7ab7c5b614cf1947c4254cb4d46d04dc88340731ed936c7eb792785316242a19
7cb07e650849436a5a34a63b7e6ea0b2bff5d9b8356bd9c187a5bf15bb466e60
7f2286f1eaca72c2494dd3c9b5676a53fd27afc320b6f92b8669a343d71091c2
801373bbcc73aa41d3bd45019a462986a3e6cb1329e87b9d5fe92b891a0a265d
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82419abfbbf3422d6415d35c35aaba16b69f7d4b8ec44443e283e623c172cec1
889b6b1b3e7c639c0c3f388e0e910b5a33872ed693877d5f449bf71db4035ee6
89079f8d50405fb841ea0681d9cfb843ee7b9cc5a7816ada2686a838f932a8b2
8ddc9a200fcc926c2baa4046c2acc9b2c4f77abb9d75c94567301d13a46d578d
906d978f30b80ed0cd78a2593d6487e7ae7d35e64261d6638d686c0f19400bf4
91241cdfd5f08d519c80f8395ffc3073ec08b4a3eb4454165434a8af3f57470d
9625379badd4849610dfe6c15453cdf0c0071264c90eef177307fac094d2aa6c
9631455c02d37fbf8ad61aba21d7d2529626b9deef0d71338a133fa17a78c1fd
97bbe3c968cbc7dff9dbf3984f610b11be044174e53dc0efe4ca5c0aa855137c
99631de842ee9ec39449c40d101ea96bcfb43b09ecd39233cdae737944a6d616
9b9e49816ccd714b4f80739c6e388ad009620af5840d5de3f252c7bdfda21791
9c1249ac344ac2ba5266d08460e9a083aecca1b96b592eafc4a7b4c754e2e928
9db9c977f085c13ed50db3fedb6c9a6d597ae7bf936dd67562bde7b6fcefcbf5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acba0a95054dd87fe3f61d0a6d3d02ac5d101e7f9cac9d6820202296a0377789
ae6651a8013d4e5666a38cfed3989312af7d5a3f10bad129673209198772a7f2
b3c75105fbe52faeb8982b0bf8646e8fd3af09937730096df1ae4f348b529bc9
b4b2a85a0dae0386f9737cdd2d3edcceda15dedf01440f2fcc5546f690b06e25
b9d5f16c3c596590819ad6dae8edd5b369099376b4460d9e9b0019eb4729bbcc
ba3914b504386ea2b94abb0b71abfac732813c61fed011743fa8cd887061fb52
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bebc0f0b0f3f0d604b66f57a451f92e3ac61cf6911242d0d274f1c282a70a2fe
bfe4cbef099b5ecc703dff0c18c137e4bd3ccee71183e75a74fb630d411c5514
c026d2a4b443fcd1180aff723e5b12d004b8718eb43ac8bf2e07d21e3e08419d
c4897569570b920655981f9617c251114bd72b42a53ff6cf3e2f7a7481c25967
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbc2f9d5867c3b1fa94a73a4c1c2cab84eaa4017106411eb78836345314e92d4
ce6908da713f343ca120631bf7f393fad68eea941885f0b76998de5b1ba5f89d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2be9da0eaba7c7fc5725fe09de742eb06cabfdc1e1046f24c82ab5fc17ced06
dbbfb08a5228e684147b4c7435a7592aca6d4b9221db32a5358040564ba10181
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0292aa23e74f221263a5ad0e5e9318ef960cfa70a87209745b723ab0dddb451
e086c5ad6e8c6f3fdc3b6922708734d367fc188aeb9d7f9f57f4332935e8c5d8
e098158bbfef9ca4dc9542bfc74bfe00893f1e4abc581912f5985df6dae4a630
e372d2eaaf32789c07296f88cebef9b35e9e6e20faaa46c3d76596fd6d800ce1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed7b52ed3588b372c66ff25f7be769bdcc1c4a19cbbd70a14959a648d37adc4
eedd826ab959d4c9da06dcc0812a5f35c9a87558212910d486a8110ecd152361
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d7e21a15d41ad17eef279dbd39c3793b651a0be46d4609306d029b483787ae
fd84acc3ca830df0a3309ae4cc00628a44480d86c5048cfd48d9330761cef630
fe36288a8816e0454c10ad37bdada516d04082ed91edd94d083117b2a4d10246
fe53937f95c26c5c69807821fdfb18520f9d7893e0ae88ba4c1786aba54dd6f2
ff3f444431a1db8f4de111e846893c1e7fc23d8814d32d0f8021f8bb320659b4

www.krystal.lewith-freeman.com Open in urlscan Pro 52.23.102.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

85 %HTTPS

25 %IPv6

33 Domains

45 Subdomains

37 IPs

6 Countries

3366 kBTransfer

13575 kBSize

32 Cookies

3 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.krystal.lewith-freeman.com Open in urlscan Pro
52.23.102.130 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

85 %
HTTPS

25 %
IPv6

33
Domains

45
Subdomains

37
IPs

6
Countries

3366 kB
Transfer

13575 kB
Size

32
Cookies

124 HTTP transactions
2 data transactions