virtualvacation.us Open in urlscan Pro
185.199.111.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://virtualvacation.us/guess
Submission Tags: falconsandbox
Submission: On February 22 via api (February 22nd 2022, 3:34:45 pm UTC) from US — Scanned from US

Summary HTTP 93 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 27 domains to perform 93 HTTP transactions. The main IP is 185.199.111.153, located in United States and belongs to FASTLY, US. The main domain is virtualvacation.us. The Cisco Umbrella rank of the primary domain is 339696.
TLS certificate: Issued by R3 on January 14th 2022. Valid for: 3 months.

This is the only time virtualvacation.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	185.199.111.153 185.199.111.153	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.173.207 192.229.173.207	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.205.16 13.225.205.16	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:310... 2606:4700:3108::ac42:2b42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
2	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
11	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:807::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21e... 2600:9000:21ec:b400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	3.129.242.122 3.129.242.122	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
4	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:45cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	68.67.160.25 68.67.160.25	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9d	15169 (GOOGLE) (GOOGLE)
1	13.225.230.7 13.225.230.7	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:214... 2600:9000:2140:4800:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	104.67.5.55 104.67.5.55	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2	2a02:6ea0:c60... 2a02:6ea0:c600::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
5	18.190.45.198 18.190.45.198	16509 (AMAZON-02) (AMAZON-02)
2 2	54.80.152.36 54.80.152.36	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.231.251.31 34.231.251.31	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	54.85.224.115 54.85.224.115	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	104.18.99.194 104.18.99.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2006	15169 (GOOGLE) (GOOGLE)
3	213.95.181.109 213.95.181.109	12337 (NORIS-NET...) (NORIS-NETWORK IT Service Provider located in Nuernberg)
4	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
93	34

17 185.199.111.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com

virtualvacation.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200a (Queens, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.173.207 (New York, United States)

ASN15133 (EDGECAST, US)

www.w3schools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.205.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-205-16.ewr50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2b42 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

afarkas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80c::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:b400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.129.242.122 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-242-122.us-east-2.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:45cd (United States)

ASN13335 (CLOUDFLARENET, US)

country.adinplay.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.25 (Brooklyn, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9d (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.230.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-230-7.jfk51.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2140:4800:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.67.5.55 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-67-5-55.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2002 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2001 (Queens, United States)

ASN15169 (GOOGLE, US)

adc1dabaf6b7ed6fb0f8404ec2e44173.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c600::11 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)

cdn.adspirit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.190.45.198 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-45-198.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.80.152.36 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-152-36.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.251.31 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-31.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.224.115 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-224-115.compute-1.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.99.194 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2006 (Queens, United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.95.181.109 (Oberschleissheim, Germany)

ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE)
PTR: webportal-adspirit.de

adinplay.adspirit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2004 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	sharethis.com 1 redirects platform-api.sharethis.com — Cisco Umbrella Rank: 4701 buttons-config.sharethis.com — Cisco Umbrella Rank: 5594 l.sharethis.com — Cisco Umbrella Rank: 4302 count-server.sharethis.com — Cisco Umbrella Rank: 10992 platform-cdn.sharethis.com — Cisco Umbrella Rank: 10263 t.sharethis.com — Cisco Umbrella Rank: 5820 sync.sharethis.com — Cisco Umbrella Rank: 2516	65 KB
17	virtualvacation.us virtualvacation.us — Cisco Umbrella Rank: 339696	4 MB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	753 KB
8	googlesyndication.com adc1dabaf6b7ed6fb0f8404ec2e44173.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	38 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 static.doubleclick.net — Cisco Umbrella Rank: 309	151 KB
5	adspirit.de cdn.adspirit.de — Cisco Umbrella Rank: 95834 adinplay.adspirit.de — Cisco Umbrella Rank: 406071	14 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 acdn.adnxs.com — Cisco Umbrella Rank: 547	20 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610	123 KB
2	adsymptotic.com 2 redirects p.adsymptotic.com — Cisco Umbrella Rank: 497	570 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 283	489 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1357	884 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	926 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 845	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 629	900 B
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1160	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	github.io afarkas.github.io — Cisco Umbrella Rank: 132129	5 KB
2	adinplay.com api.adinplay.com — Cisco Umbrella Rank: 10107	128 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 802	45 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250 fonts.googleapis.com — Cisco Umbrella Rank: 35	32 KB
1	workers.dev country.adinplay.workers.dev — Cisco Umbrella Rank: 35190	620 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	37 KB
1	w3schools.com www.w3schools.com — Cisco Umbrella Rank: 16063	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	7 KB
93	27

	Domain	Requested by
17	virtualvacation.us	virtualvacation.us
11	www.youtube.com	virtualvacation.us www.youtube.com
5	sync.sharethis.com	virtualvacation.us
5	platform-cdn.sharethis.com	virtualvacation.us
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ib.adnxs.com	1 redirects api.adinplay.com acdn.adnxs.com
4	securepubads.g.doubleclick.net	api.adinplay.com securepubads.g.doubleclick.net
4	maxcdn.bootstrapcdn.com	virtualvacation.us maxcdn.bootstrapcdn.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	adinplay.adspirit.de	cdn.adspirit.de
3	t.sharethis.com	platform-api.sharethis.com t.sharethis.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	p.adsymptotic.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	ml314.com	1 redirects virtualvacation.us
2	match.adsrvr.org	2 redirects
2	ps.eyeota.net	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	loadus.exelator.com	2 redirects
2	cdn.adspirit.de	api.adinplay.com cdn.adspirit.de
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	l.sharethis.com	1 redirects virtualvacation.us
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	afarkas.github.io	virtualvacation.us
2	api.adinplay.com	virtualvacation.us api.adinplay.com
2	unpkg.com	virtualvacation.us
1	www.google.com	tpc.googlesyndication.com
1	static.doubleclick.net	www.youtube.com
1	acdn.adnxs.com	api.adinplay.com
1	adc1dabaf6b7ed6fb0f8404ec2e44173.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	count-server.sharethis.com	platform-api.sharethis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	country.adinplay.workers.dev	api.adinplay.com
1	cdn.jsdelivr.net	api.adinplay.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	fonts.googleapis.com	virtualvacation.us
1	www.googletagmanager.com	virtualvacation.us
1	platform-api.sharethis.com	virtualvacation.us
1	www.w3schools.com	virtualvacation.us
1	cdnjs.cloudflare.com	virtualvacation.us
1	ajax.googleapis.com	virtualvacation.us
93	42

This site contains links to these domains. Also see Links.

Domain
www.geoguessr.com
www.w3schools.com
codepen.io
pursued.nemesys.hu
twitter.com
www.facebook.com
pinterest.com
www.linkedin.com
virtualvacation.typeform.com

Subject Issuer	Validity	Valid
virtualvacation.us R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.w3schools.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-27` - `2022-05-02`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
adinplay.com Cloudflare Inc ECC CA-3	`2021-07-22` - `2022-07-21`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
cert1.a1.atm.aqfer.net R3	`2022-01-20` - `2022-04-20`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adspirit.de Sectigo RSA Organization Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://virtualvacation.us/guess
Frame ID: 041F418E1D94F95B2C8CFFE2AF02C57D
Requests: 64 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
Frame ID: 03D9A4B7D49BCD764642315BCB04A227
Requests: 12 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.858.22997&cid=c010&cls=B
Frame ID: EDB7CAB84B092772EB4FDD8C36996713
Requests: 1 HTTP requests in this frame

Frame: https://adc1dabaf6b7ed6fb0f8404ec2e44173.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 29163F8269AFE1B679FF83A2337A73D9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A67CAD2011F78853C0DD209FD0F61F54
Requests: 3 HTTP requests in this frame

Frame: https://t.sharethis.com/1.858.22997/a/US/t_.js?cid=c010&cls=B
Frame ID: 587CB74EE9ABDE230185E466CC6CCB28
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D479C103E454BD9E7C8D74D427BC3A48
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E7890316C4F0B1FB468A4BA023E342B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

City Guesser - Can you guess what city you're in?

Detected technologies

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

leaflet.{0,32}\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

93
Requests

90 %
HTTPS

55 %
IPv6

27
Domains

42
Subdomains

34
IPs

3
Countries

5974 kB
Transfer

9431 kB
Size

27
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.geoguessr.com/
Title: GeoGuessr

Search URL Search Domain Scan URL

URL: https://www.w3schools.com/w3css/w3css_cards.asp
Title: W3 CSS Cards

Search URL Search Domain Scan URL

URL: https://codepen.io/mirandalwashburn/pen/MWawdxr
Title: Modern Travel Cards

Search URL Search Domain Scan URL

URL: http://pursued.nemesys.hu/
Title: Pursued Maps

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fvirtualvacation.us%2Fguess&text=This%20guessing%20game%20pops%20you%20into%20the%20ambience%20of%20a%20random%20city%20and%20you%20have%20to%20guess%20where%20you%20are%20at.%20You%27ll%20be%20able%20to%20see%20cars%20driving%20around%20you%20and%20people%20walking.%20Can%20you%20get%20100%25%3F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fvirtualvacation.us%2Fguess
Title: Facebook

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fvirtualvacation.us%2Fguess&media=https%3A%2F%2Fvirtualvacation.us%2Fstatic%2Funsplash1.jpg&description=This%20guessing%20game%20pops%20you%20into%20the%20ambience%20of%20a%20random%20city%20and%20you%20have%20to%20guess%20where%20you%20are%20at.%20You%27ll%20be%20able%20to%20see%20cars%20driving%20around%20you%20and%20people%20walking.%20Can%20you%20get%20100%25%3F
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&title=This%20guessing%20game%20pops%20you%20into%20the%20ambience%20of%20a%20random%20city%20and%20you%20have%20to%20guess%20where%20you%20are%20at.%20You%27ll%20be%20able%20to%20see%20cars%20driving%20around%20you%20and%20people%20walking.%20Can%20you%20get%20100%25%3F
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://virtualvacation.typeform.com/to/VAdncnhj
Title: Submit Video

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://l.sharethis.com/pview?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&cms=unknown&publisher=5efe4a1ed9c6890012469011&sop=true&version=st_sop.js&lang=en&description=City%20Guesser%20is%20a%20game%20that%20plops%20you%20into%20a%20random%20city%20and%20forces%20you%20to%20guess%20where%20you%20are%20at! HTTP 301
https://l.sharethis.com/sc?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&cms=unknown&publisher=5efe4a1ed9c6890012469011&sop=true&version=st_sop.js&lang=en&description=City%20Guesser%20is%20a%20game%20that%20plops%20you%20into%20a%20random%20city%20and%20forces%20you%20to%20guess%20where%20you%20are%20at!&samesite=None

Request Chain 66

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 67

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=2ca9f5ab31de387a8710e6f9d6fba8eb

Request Chain 68

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/int/lotame?uid=1d76de1155f53fe7dff666ef5d961774&gdpr=0&gdpr_consent=

Request Chain 69

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2r9ryoE3ZtRqgT9XdvwDYcuwvSjOIwxumK93ZuMC-CO0&gdpr=0&gdpr_consent=

Request Chain 70

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=ace4bfa6-4fd3-4824-b803-4dafaaa0f4b5&gdpr=0&gdpr_consent=

Request Chain 71

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3625322215995604996 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNTMyMjIxNTk5NTYwNDk5NhAAGg0IkIXUkAYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=1d71fb0c3d26ebb254cbcdf8637357dfa5cbd5ce3e61cd70b18639a423b76a06f4cb09cee1a4f8eb&person_id=3625322215995604996&eid=50082

Request Chain 72

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1645544079990 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&_rand=1645544079990&_expected_cookie=37d2949dac110ab3cc814e9dff24fd45 HTTP 302
https://sync.sharethis.com/drawbridge?uid=37d2949dac110ab3cc814e9dff24fd45

Request Chain 73

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

93 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request guess Show response
virtualvacation.us/ 154 KB
47 KB 16ms
4ms Document
text/html 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

b5c198693aa2381fa368e7bd7425cefa519ccb4877be9d669d67b37edf28cd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"61b29893-26670"
expires: Tue, 22 Feb 2022 13:03:54 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 688C:6791:30CDD9:4A4DC3:6214DCE2
accept-ranges: bytes
date: Tue, 22 Feb 2022 15:34:39 GMT
via: 1.1 varnish
age: 372
x-served-by: cache-lga21970-LGA
x-cache: HIT
x-cache-hits: 1
x-timer: S1645544079.181791,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: d39a0e88d4cdd05d3876949a4aef6db56bf8fba6
content-length: 47476

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
24 KB 69ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 23585394
cdn-cachedat: 2021-05-25 11:04:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1a1dc281ed5dee1d0afe8adea1b81e0f
cf-ray: 6e19479f49d019b2-EWR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 20ms
4ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 06:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Feb 2023 06:08:52 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 21 KB
7 KB 42ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2298334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6696
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-5309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=othlalbyaDQEchhxpfPbkpUxFOn8EVoLWxuw2fUvukEG2V9kPAdiBhD32IxE%2FGh7alpFDOf8%2FFzaVzOwPE7NzeuyVEQB2IJQxS5nEAZC27%2FVKesZR4l36bi6z3Mm6%2BptCYQZhIbFWAd9QbQ5RI0F30xb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e19479f3cdd1a44-EWR
expires: Sun, 12 Feb 2023 15:34:39 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/js/ 59 KB
15 KB 67ms
26ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718, 718
age: 23585404
cdn-cachedat: 2021-05-25 11:02:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 54d1e022848441428f713e2a16f2649c
cf-ray: 6e19479f49d819b2-EWR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/latest/css/ 30 KB
7 KB 63ms
22ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 23585405
cdn-cachedat: 2021-05-25 07:51:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 18ed99c37035b95cf31f1f0f2b47086c
cf-ray: 6e19479f49d719b2-EWR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 w3.css
www.w3schools.com/w3css/4/ 23 KB
5 KB 20ms
5ms Stylesheet
text/css 192.229.173.207
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.w3schools.com/w3css/4/w3.css

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.173.207 New York, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D2F) / ASP.NET

Resource Hash

c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding: gzip
etag: "057b8d5c827d81:0"
last-modified: Tue, 22 Feb 2022 08:47:34 GMT
server: ECS (nyb/1D2F)
age: 3458
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=14400,public
date: Tue, 22 Feb 2022 15:34:39 GMT
accept-ranges: bytes
content-length: 5258
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;

GET
H2 200 leaflet.css
unpkg.com/leaflet@1.6.0/dist/ 14 KB
3 KB 31ms
20ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.6.0/dist/leaflet.css

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Origin: https://virtualvacation.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23585405
fly-request-id: 01F6J4AGAGR97B8HVNJZE2D2JE
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"37bc-eNGUkCb3bhCXe6sFt0PSpUCo4lU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e19479f1e661885-EWR

GET
H2 200 leaflet.js Show response
unpkg.com/leaflet@1.6.0/dist/ 139 KB
42 KB 29ms
18ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.6.0/dist/leaflet.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cda11af090fd86b983db352266309382c9f441d8384f41ed2b19383346ccaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Origin: https://virtualvacation.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23585402
fly-request-id: 01F6J4AJ3E6AHNGVJJDXAT34YZ
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"22d09-HJo6tWuVO3o/u4lm8+IrxwxIyMk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6e19479f2e671885-EWR

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 16ms
4ms Script
text/javascript 13.225.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.205.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-205-16.ewr50.r.cloudfront.net

Software

Resource Hash

444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:24:58 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 581
etag: W/"2df1b-sQ5Sn/JpfKxrQLYebTQ3d0yXV0s"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 ea450411fc852f7d373f7efbe784dd74.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: EWR50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: dOPvSMdaZ7A_PxmYjVPwyGoEHOOeGVWFPdbByMB-ySgUFgH-h5YeaA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 33ms
18ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153516768-4

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5408b63b428b6d8948fc969701c59410123e6c3c2941e0824a6f913cb3e5a2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37303
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Feb 2022 15:34:39 GMT

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/ 433 KB
127 KB 55ms
31ms Script
application/javascript 2606:4700:3108::ac42:2b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Requested by: Host: virtualvacation.us
URL: https://virtualvacation.us/guess
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf73ce2890d53a3e52005d155c869d164fd1e4ccad2b926e978e8b71ecf8e98

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1549856
x-host: adinplay-1
last-modified: Fri, 04 Feb 2022 17:03:30 GMT
server: cloudflare
etag: W/"61fd5c62-6c257"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tI669kfvnj%2FoOeh57XtGrpKeg7FZw0%2FhTTFwzXo5KfyS2cf2b%2F%2BPrU0N8O%2Blo9cAOAb60bVCrQe9cstQiuopAu8zVGg6qAY%2F5apFOW0pS9qSoqVwzB8dUBRaqycrcmOB7eUV4Tdtx%2B0JI%2B5pKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 6e19479fdbac8cca-EWR

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 34ms
19ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@600&display=swap

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27aabc3490a7bd53a4fb7ffc7f6989fd6b491c481dafe635489f7a0b196595f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 15:34:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 15:34:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 15:34:39 GMT

GET
H2 200 ls.bgset.min.js Show response
afarkas.github.io/lazysizes/plugins/bgset/ 3 KB
1 KB 18ms
5ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/plugins/bgset/ls.bgset.min.js
Requested by: Host: virtualvacation.us
URL: https://virtualvacation.us/guess
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: fdc86af6b876afc083f78dab375e15c6073b9281
date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: gzip
age: 481
x-cache: HIT
content-length: 1286
x-served-by: cache-lga21924-LGA
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: FBB6:163E:19CD6A:2D1FB3:6214915E
x-timer: S1645544079.225439,VS0,VE1
etag: W/"60a2374e-bf7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 22 Feb 2022 07:35:54 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ 8 KB
4 KB 18ms
4ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: virtualvacation.us
URL: https://virtualvacation.us/guess
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 0529a213e1c25771273d1614331eb6d0fb519019
date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: gzip
age: 232
x-cache: HIT
content-length: 3497
x-served-by: cache-lga21924-LGA
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: 8C30:3832:EEB89:19EACB:620C9935
x-timer: S1645544079.225469,VS0,VE1
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 16 Feb 2022 06:33:56 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 confetti.js Show response
virtualvacation.us/ 8 KB
2 KB 4ms
4ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://virtualvacation.us/confetti.js

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

be48274a9a0273108bfc415139fa536157ee97f684a57f3023f00fbb19375d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 976cb4aaeff5ca5fb671343a13b9d8c70f1f135a
strict-transport-security: max-age=31556952
content-encoding: gzip
etag: W/"61b29893-1e20"
age: 315
x-cache: HIT
content-length: 2091
x-served-by: cache-lga21970-LGA
access-control-allow-origin: *
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 148E:4B66:2428CF:352926:62146842
x-timer: S1645544079.213187,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Tue, 22 Feb 2022 04:46:18 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/latest/fonts/ 75 KB
76 KB 61ms
44ms Font
application/font-woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/latest/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css
Origin: https://virtualvacation.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 625, 617, 617
age: 5299866
cdn-cachedat: 2021-06-08 13:49:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/font-woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 32c4d3b5e73da3c639cf67a3df5a01a6
accept-ranges: bytes
cf-ray: 6e19479fc8298c69-EWR
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 49ms
29ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

386d6705d2d0272a475b99ea3da6e3fa565474e45128668f6daf3b9d71ed694d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Tue, 22 Feb 2022 15:34:39 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDGUmdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v22/ 14 KB
14 KB 41ms
25ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v22/XRXI3I6Li01BKofiOc5wtlZ2di8HDGUmdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d46dee7f7bcf947af690cf2d153c90fc78305ce2ab3af3b98ab0919b42e25b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://virtualvacation.us
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 08:32:07 GMT
x-content-type-options: nosniff
age: 284552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14112
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:09:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 19 Feb 2023 08:32:07 GMT

GET
H2 206 silence.mp3
virtualvacation.us/static/ 2 MB
2 MB 4ms
4ms Media
audio/mp3 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://virtualvacation.us/static/silence.mp3

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

78d76f6d29f3611b13b028444776438f99f827dab7a049878b76084dcad30069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://virtualvacation.us/guess
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

x-fastly-request-id: b4b7ea24b3ed2aa5141eb5cf86f1f516d876773a
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-24aac0"
age: 241
x-cache: HIT
Content-Range: bytes 0-2403007/2403008
Content-Length: 2403008
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 4A2A:04B6:27CC4A:4039F6:6214D705
x-timer: S1645544079.371278,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: audio/mp3
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 12:38:53 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 5efe4a1ed9c6890012469011.js Show response
buttons-config.sharethis.com/js/ 1 KB
1 KB 83ms
57ms Script
text/javascript 2600:9000:21ec:b400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5efe4a1ed9c6890012469011.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21ec:b400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

95a393d0029fc7c029bbb7ccc2fb8181d603a069439e4c076290c300f9d743a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:40 GMT
content-encoding: gzip
etag: W/"f6346a62889bd3713ae64610c131e0cb"
last-modified: Sun, 10 Jan 2021 02:43:00 GMT
server: AmazonS3
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
cache-control: public, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: 4pHnKF5Ub2UioftgpxKlWU557tqF9VESkc0-ZA1t358VPUQ1_Th4eA==

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmp...
https://l.sharethis.com/sc?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=...

160 B
684 B

26ms
26ms

XHR
text/plain

3.129.242.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&cms=unknown&publisher=5efe4a1ed9c6890012469011&sop=true&version=st_sop.js&lang=en&description=City%20Guesser%20is%20a%20game%20that%20plops%20you%20into%20a%20random%20city%20and%20forces%20you%20to%20guess%20where%20you%20are%20at!&samesite=None

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

3.129.242.122 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-129-242-122.us-east-2.compute.amazonaws.com

Software

Resource Hash

7858e98d4a49fcf6c5705eced04d55eef3caae23c3de39bdc4f838bb35e5ac0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:34:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://virtualvacation.us
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 160
Stid: ZH8ACmIVAo8AAAAIEqxUAw==

Redirect headers

Date: Tue, 22 Feb 2022 15:34:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://virtualvacation.us
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Location: /sc?event=pview&hostname=virtualvacation.us&location=%2Fguess&product=sticky-share-buttons&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&cms=unknown&publisher=5efe4a1ed9c6890012469011&sop=true&version=st_sop.js&lang=en&description=City%20Guesser%20is%20a%20game%20that%20plops%20you%20into%20a%20random%20city%20and%20forces%20you%20to%20guess%20where%20you%20are%20at!&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 623
Stid: ZH8ACmIVAo8AAAAIEqxUAw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
4ms Script
text/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153516768-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4223
date: Tue, 22 Feb 2022 14:24:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 16:24:16 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 44ms
25ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

sffe /

Resource Hash

bc9a9a51f6b4b694a54e98e67ab73322e82bd8e27474d9f1fd5dd3112f5728e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27578
x-xss-protection: 0
server: sffe
etag: "1139 / 477 of 1000 / last-modified: 1645531692"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Feb 2022 15:34:39 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 34ms
11ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220222

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c858b393dfc30fafa6c155823a2a747d793ca26288ab305128460be0a7f2a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2015
x-jsd-version: 1.0.1261
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-lga21937-LGA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6a2-aIMcs6pLARzv69outHmmfsUexNs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e1947a09ee48c48-EWR

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
364 B 38ms
37ms Script
application/javascript 2606:4700:3108::ac42:2b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1236445
x-host: adinplay-2
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQ9mVvwWj24Td2ux%2FCfSokTAn1Ti4Yp6AUvvAFCVTlVK1xOOeHY3Hu9qc5a4d%2BkxjPBpimVgOLnIM2Voy1Nfh6etbtjwE%2FFQg1M3AIA1VtbWF3F499%2F%2FsqxyAH%2FCmyDR6FUglPC1fExeK4cBo44%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6e1947a07d768cca-EWR

GET
H2 200 / Show response
country.adinplay.workers.dev/ 2 B
620 B 35ms
12ms XHR
text/plain 2606:4700:3033::6815:45cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://country.adinplay.workers.dev/
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTeDRiMItu%2BSlCPuhhp3PK48o9sCCyxj%2FvRLTmF6yHODHyQkNS%2BGhYjlAXajg9ZtpuumNNdwRJGjwlY8JsVj4ftUptUPOHMMTo377g4J7P%2BppXgvl9ZiZOxonJdLI5oK03byWc9h0DeLLAOxSlg2t648WpRXzHVL9vfR"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e1947a09ea38c93-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H2 200 entireglobe.jpg
virtualvacation.us/static/ 368 KB
369 KB 5ms
3ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/entireglobe.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

fc859a334b3b155ea6a35004a2f2440cb32b957112dc270bfd1aa07eb909e08f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 7c206fb1105e8454a2cbb79e2c2072635df4cff1
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-5c033"
age: 18
x-cache: HIT
content-length: 376883
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: AA3E:3133:16F5B5:2F2179:6214DCE3
x-timer: S1645544079.441318,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:02:41 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 usa.jpg
virtualvacation.us/static/ 901 KB
902 KB 22ms
21ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/usa.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

1fe496c07fac51109659619aa985f0ccc90956577fdc367d6b36292a7ab3ab5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 46664232d3c930684e32e17918fcf9a40638843f
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-e12ee"
age: 18
x-cache: HIT
content-length: 922350
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 3890:391F:1640D1:2E6384:6214DCE3
x-timer: S1645544079.441847,VS0,VE2
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:55 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 euflags.jpg
virtualvacation.us/static/ 61 KB
61 KB 7ms
5ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/euflags.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

cb52fafd0efae05e37e7144bd9251155f60b276b76923dfe31b1368b5d96a047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 7c6b2ea62e0c24586b9f9568becf58c18f166b28
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-f448"
age: 18
x-cache: HIT
content-length: 62536
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 781E:6DC1:20BF99:395F0F:6214DCE3
x-timer: S1645544079.442094,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:55 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 monuments.jpg
virtualvacation.us/static/ 59 KB
59 KB 10ms
8ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/monuments.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

b020a567020c15e833bb380277be210fcb69f60b2120952d7fab9f419312c626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 03cd3c15c990951810f9b7aab8dade6595f8b266
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-eb73"
age: 18
x-cache: HIT
content-length: 60275
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 12CE:1FA0:2434B6:3CF28B:6214DCE3
x-timer: S1645544079.442166,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:55 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 canadian.jpg
virtualvacation.us/static/ 68 KB
68 KB 25ms
24ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/canadian.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

9b2459fe86499770da5300aa745e75a2a42a8438e3ced336f975b04dc1160cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: c5519ce0a04f2a3b0da21f1da908f8ab88b0daff
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-11084"
age: 60
x-cache: HIT
content-length: 69764
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 77B8:660F:18F69E:311F9D:6214DCE5
x-timer: S1645544079.442234,VS0,VE2
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:57 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 russianflag.jpg
virtualvacation.us/static/ 22 KB
22 KB 11ms
10ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/russianflag.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

49d5139ea6580787a03471ff60ccfb1d7159a041da154403928b3d97238d6448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 795670523b2667da95ec161ece9c42fb64853a69
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-56c7"
age: 60
x-cache: HIT
content-length: 22215
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 99CA:041D:20F59E:39B0F0:6214DCE4
x-timer: S1645544079.442448,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 unionjack.jpg
virtualvacation.us/static/ 22 KB
22 KB 12ms
11ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/unionjack.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

c88aa2c0c5121e3ab4df8cc8ad50e7432af4b7d8fd3420068c25e3c7206f442d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 765992c3a77ef45c53d4e5c51e57f8ed0b9b0042
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-5627"
age: 60
x-cache: HIT
content-length: 22055
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: B45A:757B:21C0EA:3AA0AC:6214DCE4
x-timer: S1645544079.442510,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 frenchflag.jpg
virtualvacation.us/static/ 10 KB
10 KB 12ms
12ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/frenchflag.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

f1848af4a450dd27d9e9e185368412d4184b07b2ba867ad7de41d0d721035675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: e3a71b221d3e7224cf4f58749a29bcd9a279f002
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-27b0"
age: 60
x-cache: HIT
content-length: 10160
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: E33A:0C51:32DFBE:4C772A:6214DCE4
x-timer: S1645544079.442506,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:02:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 seasia.jpg
virtualvacation.us/static/ 38 KB
38 KB 16ms
15ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/seasia.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

da1e96273329820e5b057812cbd0ee310fa20e3861e7c1a40d80efe7e5d634f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 95e3bea97302d1e952d0046ed288cba1dc455dfd
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-9607"
age: 19
x-cache: HIT
content-length: 38407
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 54D6:216F:2198A0:3A6638:6214DCE4
x-timer: S1645544079.442597,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 japanflag.jpg
virtualvacation.us/static/ 38 KB
38 KB 17ms
17ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/japanflag.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

362d67b2832f4fd49adfb966f963bd0ec808a9ced1bfd21dceb8fa82a19429bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 913f28fda8e958cb0a0e887acd1a8ca2a439850e
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-9913"
age: 19
x-cache: HIT
content-length: 39187
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: A8BE:3135:22917A:3B615E:6214DCE4
x-timer: S1645544079.442617,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/c3125ad0/www-widgetapi.vflset/ 147 KB
47 KB 16ms
5ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ab26c49efdbbeca6567e183ca38ad41691979e324b377d7a2328b44e0d23e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 08:36:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48596
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Feb 2023 08:36:03 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
17ms XHR
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1481879013&t=pageview&_s=1&dl=https%3A%2F%2Fvirtualvacation.us%2Fguess&ul=en-us&de=UTF-8&dt=City%20Guesser%20-%20Can%20you%20guess%20what%20city%20you%27re%20in%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=633632157&gjid=1403112540&cid=392292864.1645544079&tid=UA-153516768-4&_gid=1031972514.1645544079&_r=1&gtm=2ou2g0&z=559294744

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:34:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://virtualvacation.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
820 B 31ms
17ms XHR
application/json 68.67.160.25
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.25 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

351e3990008f02555b97289454404a70b7f471d5849445a5fe6b2135a6e48e5e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://virtualvacation.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:34:39 GMT
X-Proxy-Origin: 5.181.234.157; 5.181.234.157; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 21fc4134-a16b-42a6-a7aa-9d4ae6ce422d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://virtualvacation.us
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 67ms
31ms XHR
text/plain 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-153516768-4&cid=392292864.1645544079&jid=633632157&gjid=1403112540&_gid=1031972514.1645544079&_u=YEBAAUAAAAAAAC~&z=811587212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://virtualvacation.us/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Feb 2022 15:34:39 GMT
content-type: text/plain
access-control-allow-origin: https://virtualvacation.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022021602.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
121 KB 16ms
5ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

sffe /

Resource Hash

a034073242b63a4bf8f20744f8cb4b4bb74e17464ecf7da2c2a001b082d5d3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 06:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124238
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 02:36:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Feb 2023 06:08:52 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 96 B
114 B 57ms
45ms XHR
application/json 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=virtualvacation.us

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

fd334f8addc0a2bdbcc7c44797360093418c44f4d2c7ca7db091f578ef31243c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Tue, 22 Feb 2022 15:34:39 GMT

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 845 B
1 KB 20ms
5ms Script
text/javascript 13.225.230.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fvirtualvacation.us%2Fguess

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.230.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-230-7.jfk51.r.cloudfront.net

Software

Resource Hash

db9d3ccc95cbf9611e822c92c704b50751fa16e2d747f0220324633c5b603347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 19:16:57 GMT
via: 1.1 086617c9385713660fb060f989a2a626.cloudfront.net (CloudFront)
age: 73062
etag: ecd339472d80470756c9b90f43e0db8c
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: JFK51-C1
content-length: 845
apigw-requestid: N6C-ejyyoAMESjw=
x-amz-cf-id: 166QdIHNReN0TNAkz5jDSoK1GSeRU26ZTI5FpGTOWKlRDRs-Bo360w==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
723 B 16ms
4ms Image
image/svg+xml 2600:9000:2140:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:13:15 GMT
via: 1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1585285
etag: "c6e9be45643e197ce1db1d7e24a99adc"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: hbG39T2C6i7xib3CAj0p2LnGIU9lmff-039pu3nrv2moiAgQ8mbB-g==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 17ms
4ms Image
image/svg+xml 2600:9000:2140:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:13:15 GMT
via: 1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1585285
etag: "0af2fb38987598376c99e21af17ade45"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: xEZFvEV2NQw_oKxcFuLps_TLeEN2NpguJjyUiKgUdpvnYrEGy-r-XA==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 17ms
5ms Image
image/svg+xml 2600:9000:2140:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/pinterest.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:15:00 GMT
via: 1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1585180
etag: "2b10a062e719c64b686e2e8fcdc216dc"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: Nf087YKtvb2VqNoXLCFx6CORw3rGfxH9ET0tfIS_x3nSprjJW9_8vA==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
768 B 18ms
6ms Image
image/svg+xml 2600:9000:2140:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:13:19 GMT
via: 1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1585281
etag: "5977437466e857c7ddcadda6f6d88c2a"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 343
x-amz-cf-id: nlMTtfGm9QenE3DfEpw8sqIzgvl19c7q_OjqBU19p_pMVPxjSX7D3Q==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
937 B 17ms
5ms Image
image/svg+xml 2600:9000:2140:4800:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2140:4800:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 04 Feb 2022 07:13:15 GMT
via: 1.1 1bbfa275cce73ba7a423bc907239dede.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1585285
etag: "deecdaa377907db5cc1722fc831670a1"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: jo7prA_qassCi6c5YGbdg7wlGCj2aQLgA9j_ybymMdM4fxmVKh_oJQ==

GET
H3 200 Fe78ODqrhXQ Show response
www.youtube.com/embed/ Frame 03D9 53 KB
23 KB 56ms
53ms Document
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8458c093b0772b8e8c13f08bcf4084affb63a0d8f6dc45f362ac844050ba77fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Feb 2022 15:34:39 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 19ms
5ms Script
application/javascript 104.67.5.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=virtualvacation.us&rnd=1645544079605

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.67.5.55 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-67-5-55.deploy.static.akamaitechnologies.com

Software

Resource Hash

606af405d267f3b7e189d240152ba91b93e98b931514fd2f1ed004a73c1c2d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:34:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1365
Expires: Tue, 22 Feb 2022 16:34:39 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame EDB7 2 KB
1 KB 5ms
5ms Document
text/html 104.67.5.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.858.22997&cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=virtualvacation.us&rnd=1645544079605

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.67.5.55 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-67-5-55.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

Content-Length: 1160
Cache-Control: max-age=604800
Expires: Tue, 01 Mar 2022 15:34:39 GMT
Date: Tue, 22 Feb 2022 15:34:39 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Encoding: gzip
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H2 200 inf.jpg
virtualvacation.us/static/ 140 KB
140 KB 5ms
4ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/inf.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

0bc21ed88fdaf5f388e5fad84ed63f1f9b38803c995c1b30a0f75e3d85648b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 3da74ac140bfc0fae2a27f1b373dd367d28bd000
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-2302f"
age: 19
x-cache: HIT
content-length: 143407
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 12CE:1FA0:2434C6:3CF2A1:6214DCE4
x-timer: S1645544080.665555,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:03:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 bff.jpg
virtualvacation.us/static/ 42 KB
42 KB 4ms
3ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/bff.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

8cf39397676875c07b6796362f24307fd96a4e4d78dc6df1562574023cddd2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: cdc5f6afd24de752b015e3db5ff884dcbb14b72d
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-a6ab"
age: 19
x-cache: HIT
content-length: 42667
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 561A:4945:202B1C:38AE9C:6214DCE9
x-timer: S1645544080.665628,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:04:01 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 aff.jpg
virtualvacation.us/static/ 293 KB
294 KB 7ms
7ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/aff.jpg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

bcad6f3f12bb2b10ed5f96230e1d0e42c75bbcd3833a80cf874ba065b9c066cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: fd3e002f949c47f4d6c04b87bc6b5e92a127ed3e
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-495af"
age: 19
x-cache: HIT
content-length: 300463
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: 59DE:4501:391A34:52A727:6214DCE8
x-timer: S1645544080.665718,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 13:04:00 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 argentinaflag.jpeg
virtualvacation.us/static/ 37 KB
37 KB 7ms
6ms Image
image/jpeg 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://virtualvacation.us/static/argentinaflag.jpeg

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.111.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-111-153.github.com

Software

GitHub.com /

Resource Hash

262ebe8d8c357005c8c2a8faa838ba6f7bcfcd215dc829fc89e936cfed85e266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/guess
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 6ceab89a24575c90c6a7e511d75cd0d362e9bed5
strict-transport-security: max-age=31556952
via: 1.1 varnish
etag: "61b29893-92de"
age: 563
x-cache: HIT
content-length: 37598
x-served-by: cache-lga21970-LGA
last-modified: Fri, 10 Dec 2021 00:00:19 GMT
server: GitHub.com
x-github-request-id: A02E:5BE3:3D269F:58F9CF:6214FD9C
x-timer: S1645544080.665803,VS0,VE1
date: Tue, 22 Feb 2022 15:34:39 GMT
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 22 Feb 2022 15:23:32 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 34ms
18ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=virtualvacation.us

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 572 B
314 B 50ms
50ms XHR
text/plain 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2739101488347527&correlator=771786520513536&output=ldjh&impl=fif&eid=31064966%2C31064988%2C31064868%2C44756432%2C31064018%2C44755510&vrg=2022021602&ptt=17&sc=1&sfv=1-0-38&ecs=20220222&iu_parts=421469808%2Cvirtualvacation.us_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie_enabled=1&bc=31&abxe=1&dt=1645544079791&lmt=1639094419&dlt=1645544079186&idt=577&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=757&adks=3697411644&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fvirtualvacation.us%2Fguess&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=392292864.1645544079&ga_sid=1645544080&ga_hid=1481879013&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

cb0ea1849d34d93d45b9b4ee9113edd8bafc1ad045abb052cd8b598f499a441e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 284
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://virtualvacation.us
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
adc1dabaf6b7ed6fb0f8404ec2e44173.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2916 6 KB
4 KB 59ms
22ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adc1dabaf6b7ed6fb0f8404ec2e44173.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 22 Feb 2022 15:34:39 GMT
expires: Wed, 22 Feb 2023 15:34:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A67C 52 KB
17 KB 24ms
4ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 23 Feb 2022 04:03:36 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 22 Feb 2022 15:34:39 GMT
Via: 1.1 varnish
Age: 41466
X-Served-By: cache-lga21983-LGA
X-Cache: HIT
X-Cache-Hits: 83568
X-Timer: S1645544080.827884,VS0,VE0
Vary: Accept-Encoding

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/c3125ad0/ Frame 03D9 341 KB
47 KB 6ms
5ms Stylesheet
text/css 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 05:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 210799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47760
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Feb 2023 05:01:20 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/ Frame 03D9 283 KB
85 KB 3ms
3ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 430913
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87214
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:46 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/ Frame 03D9 2 MB
538 KB 10ms
9ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febae1ff34e2aac13f3ad553f75f409f0dc7b29bd385a197565408bf2dff16c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 19:08:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 550685
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Feb 2023 19:08:36 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/ Frame 03D9 10 KB
3 KB 9ms
9ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 430913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:46 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 03D9 15 KB
15 KB 16ms
3ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 603288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 15:59:51 GMT

GET
H2 200 adasync.min.js Show response
cdn.adspirit.de/ 33 KB
9 KB 124ms
81ms Script
application/javascript 2a02:6ea0:c600::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/adasync.min.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPK/virtualvacation.us/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c600::11 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 87f79f2f506631ff7210d138d584afc5ba8d6966db6fdca9e6f98ff19002097b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: chicagoUSIL
date: Tue, 22 Feb 2022 15:34:40 GMT
content-encoding: gzip
x-77-nzt-ray: JVaiRUE7mMw
x-cache: HIT
x-age: 3155
x-77-nzt: Abn20QRube7/UwwAAA
x-accel-expires: @1645627325
last-modified: Thu, 01 Apr 2021 12:06:58 GMT
server: CDN77-Turbo
etag: W/"3665562209"
x-77-cache: HIT
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Fri, 02 Apr 2021 14:04:32 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.858.22997/a/US/ Frame 587C 24 KB
10 KB 5ms
5ms Script
text/javascript 104.67.5.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.858.22997/a/US/t_.js?cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.858.22997&cid=c010&cls=B

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.67.5.55 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-67-5-55.deploy.static.akamaitechnologies.com

Software

Resource Hash

fc70a8ac1580f5f81f01a290654460c27fcdb89b49652c63aad6089e8e16d4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.858.22997&cid=c010&cls=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:34:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 9847
Expires: Tue, 01 Mar 2022 15:34:39 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame A67C
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

13ms
13ms

Script
text/html

68.67.160.25
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

68.67.160.25 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:34:40 GMT
X-Proxy-Origin: 5.181.234.157; 5.181.234.157; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 71996f66-9fc9-453a-96f6-fe795a9b6367
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:34:39 GMT
X-Proxy-Origin: 5.181.234.157; 5.181.234.157; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 576e3273-45be-4eb5-96f3-1f3dfdeeed86
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 587C
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=2ca9f5ab31de387a8710e6f9d6fba8eb

42 B
297 B

83ms
21ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=2ca9f5ab31de387a8710e6f9d6fba8eb

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:34:40 GMT
Content-Length: 42
Stid: ZH8ACmIVAo8AAAAIEqxUAw==
Content-Type: image/gif

Redirect headers

date: Tue, 22 Feb 2022 15:34:40 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=2ca9f5ab31de387a8710e6f9d6fba8eb
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

lotame
sync.sharethis.com/int/ Frame 587C
Redirect Chain

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_...
https://sync.sharethis.com/int/lotame?uid=1d76de1155f53fe7dff666ef5d961774&gdpr=0&gdpr_consent=

42 B
297 B

86ms
22ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/int/lotame?uid=1d76de1155f53fe7dff666ef5d961774&gdpr=0&gdpr_consent=

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:34:40 GMT
Content-Length: 42
Stid: ZH8ACmIVAo8AAAAIEqxUAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:34:40 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.sharethis.com/int/lotame?uid=1d76de1155f53fe7dff666ef5d961774&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.40.13.169
content-length: 0
expires: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 587C
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2r9ryoE3ZtRqgT9XdvwDYcuwvSjOIwxumK93ZuMC-CO0&gdpr=0&gdpr_consent=

42 B
297 B

23ms
23ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2r9ryoE3ZtRqgT9XdvwDYcuwvSjOIwxumK93ZuMC-CO0&gdpr=0&gdpr_consent=

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:34:40 GMT
Content-Length: 42
Stid: ZH8ACmIVAo8AAAAIEqxUAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2r9ryoE3ZtRqgT9XdvwDYcuwvSjOIwxumK93ZuMC-CO0&gdpr=0&gdpr_consent=
Date: Tue, 22 Feb 2022 15:34:40 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 587C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=ace4bfa6-4fd3-4824-b803-4dafaaa0f4b5&gdpr=0&gdpr_consent=

42 B
297 B

84ms
22ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=ace4bfa6-4fd3-4824-b803-4dafaaa0f4b5&gdpr=0&gdpr_consent=

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:34:40 GMT
Content-Length: 42
Stid: ZH8ACmIVAo8AAAAIEqxUAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:34:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=ace4bfa6-4fd3-4824-b803-4dafaaa0f4b5&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 587C
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3625322215995604996
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNTMyMjIxNTk5NTYwNDk5NhAAGg0IkIXUkAYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=1d71fb0c3d26ebb254cbcdf8637357dfa5cbd5ce3e61cd70b18639a423b76a06f4cb09cee1a4f8eb&person_id=3625322215995604996&eid=50082

43 B
312 B

12ms
11ms

Image
image/gif

54.85.224.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=1d71fb0c3d26ebb254cbcdf8637357dfa5cbd5ce3e61cd70b18639a423b76a06f4cb09cee1a4f8eb&person_id=3625322215995604996&eid=50082
Requested by: Host: virtualvacation.us
URL: https://virtualvacation.us/guess
Protocol: HTTP/1.1
Server: 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-224-115.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 15:34:40 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 23 Feb 2022 10:34:40 GMT

Redirect headers

date: Tue, 22 Feb 2022 15:34:40 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=1d71fb0c3d26ebb254cbcdf8637357dfa5cbd5ce3e61cd70b18639a423b76a06f4cb09cee1a4f8eb&person_id=3625322215995604996&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

drawbridge
sync.sharethis.com/ Frame 587C
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://p.adsymptotic.com/d/px/?_pid=12608&_psign=f58963b3af9d250b387068620e8a4444&_puuid=ZH8ACmIVAo8AAAAIEqxUAw%3D%3D&_redirect=https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D&...
https://sync.sharethis.com/drawbridge?uid=37d2949dac110ab3cc814e9dff24fd45

42 B
297 B

86ms
23ms

Image
image/gif

18.190.45.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/drawbridge?uid=37d2949dac110ab3cc814e9dff24fd45

Requested by

Host: virtualvacation.us
URL: https://virtualvacation.us/guess

Protocol

HTTP/1.1

Server

18.190.45.198 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-45-198.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Tue, 22 Feb 2022 15:34:40 GMT
Content-Length: 42
Stid: ZH8ACmIVAo8AAAAIEqxUAw==
Content-Type: image/gif

Redirect headers

date: Tue, 22 Feb 2022 15:34:40 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://sync.sharethis.com/drawbridge?uid=37d2949dac110ab3cc814e9dff24fd45
cf-ray: 6e1947a479c318bc-EWR
content-length: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 03D9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

30ms
19ms

XHR
application/json

2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad8c16cba8e1ea53090f06531b7fbd61b256c0b749b0c03bdfa645eb626a7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 22 Feb 2022 15:34:40 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 03D9 29 B
588 B 18ms
3ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:28:14 GMT
x-content-type-options: nosniff
age: 386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Feb 2022 15:43:14 GMT

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 03D9 0
19 B 24ms
24ms Ping
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=fmPn7X7TE7DGugRR&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082661%2C24094607%2C24134698%2C24135310%2C24152037%2C24166123%2C24169154%2C24169501%2C24169727%2C24170002%2C24173745&cl=429167346&seq=1&event=streamingstats&docid=Fe78ODqrhXQ&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220216.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:34:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/ Frame 03D9 26 KB
8 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a95f5345eee401264602894c9598cfd529818413f73a07346b7759580cffb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 430914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7661
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:46 GMT

GET
H/1.1 200
OK adscript.php Show response
adinplay.adspirit.de/ 1 KB
2 KB 362ms
102ms Script
text/html 213.95.181.109
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://adinplay.adspirit.de/adscript.php?async=adspirit_ad_24&wpcn=asm17930159x1645544080147&ref=https%3A%2F%2Fvirtualvacation.us%2Fguess&swf=-1&scx=1600&scy=1200&wcx=1600&wcy=1200&dcx=1600&vis=4&tz=1645544080148&pid=24&pbid=virtualvacation-us_728x90

Requested by

Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

213.95.181.109 Oberschleissheim, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

webportal-adspirit.de

Software

Apache / PHP/7.3.31

Resource Hash

63fa39e458bb2113e456b725a11d932625510e05eee340ae351d361edca8b659

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:34:40 GMT
Last-Modified: Tue, 22 Feb 2022 15:34:40 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
Transfer-Encoding: chunked
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 0
Expires: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 03D9 0
19 B 21ms
21ms Ping
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=fmPn7X7TE7DGugRR&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082661%2C24094607%2C24134698%2C24135310%2C24152037%2C24166123%2C24169154%2C24169501%2C24169727%2C24170002%2C24173745&cl=429167346&seq=2&event=streamingstats&docid=Fe78ODqrhXQ&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220216.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.037:ER&bat=0.037:1:1&cmt=0.037:0.000&bh=0.037:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:34:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 48ms
32ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e8da50c64348fa9ba76bb4d1f87203aae1bdfd81fb81a5c96d113a4636748e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Feb 2022 15:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9751
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021602.js?31064988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 15:34:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D479 13 KB
5 KB 16ms
3ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Feb 2022 19:27:41 GMT
expires: Mon, 20 Feb 2023 19:27:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 158819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8E78 783 B
1 KB 40ms
24ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b5ea808c08a220de6693a1bb2f6b9c32e628e5e3c9aafb2e80a772c492fc598

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SQxjZmWbQv3csiDwrLkl0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 22 Feb 2022 15:34:40 GMT
date: Tue, 22 Feb 2022 15:34:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SQxjZmWbQv3csiDwrLkl0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js Show response
pagead2.googlesyndication.com/bg/ Frame D479 35 KB
13 KB 14ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 20:27:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Feb 2023 20:27:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8E78 0
0 71ms
71ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021602&jk=2739101488347527&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D479 0
9 B 3ms
3ms Image
text/plain 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ff9euQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:34:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
67ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021602&jk=2739101488347527&bg=!PT6lPnrNAAbf-5Dq3_s7ACkAdvg8Wv_uaNEzFSCxGOhVZ0C2VnUt7ZiyZVVkjAGD-7KPu8SzuU0MqQIAAABZUgAAAAJoAQeZAsXNhjwhDes7gz9AGjJyaY8TCW1JMiVp_AEIBi0GOWVH1OQljK4Zbn7_YO4IS4Ee9VWf5Iw-qpYC3d6TyB-deUFvwGHq-ZusFQMHzY6HLv5avLPULKSy-283dWgXEk1FaRiwKxFYCDLLx5MyyPnlVn7-8EgrvbgOrMDQd7zwtuE2hMj0k9yEojq25HNe8mBe34a-6Q1AznuPfxik4NR3EIlH2TdfAY-y9J-qwJb-9yB9JvzKC2JmxBtW-44AHbge0kWSpPNxhHUMTWhN3ZfHXa23sGnJM3UnqisXPZ1srPVh9OU7TxMJrHC-ZcLeJOXCElN3u0GkO-A7UCNHOP5EzfLpL5aOKKxQDLu0hR6bu-XB-mWlENWjLe6BWgrMjdf2-j0Nil7rS0TI7k3ZQ59e1SZa0Ojmh4S1cDlgnfcBvpxl8Rw--5cuZx2GLJdotZXb5-zOHArNvMFOW2s8-Ut8ocTVcYjlsOkkcdd77sULfBwkUzUCnZuxcYptZ_E9Sr1AEo6TTNi-KaHngHLhwPP_MDyHL_BUAMPVfzrIx6hTY-KRjWRvK-tg1sLlsMffsWulb9uC1ueSWVAY_GNboMCBdUPm2D7HMQqy8a6-EhP5l9jHCLcIoCkk-B5g7OkhWfhtV6XxSBwEtA8krzUQSvbuHVTHXktF_etQm8hPglPBByxRfmsKnIbwctHcgbLzGVNAHjo0if4sBzVCtGrozjgp0uDmdLntWEa0mk_rI9e0uQ6FQKk2Jm-J98VPWgAmmb2jSC-AtlB8F5hmV3FE7puYNLX1LMlsWSlI6oXjSq2BlqpkbZ99CYzsSRnRzo-eaJlBkJ6xtKKaYgNjT-mHYeVobUd9uGJdabjZ9p1CckKPQ_A1_w1mFOVeGSnGQYWdHhafOAn4B_At1VglVFxcadP5cKz7D6kb_0_D7i21CdqUU6P5z3KMHvWf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 15:34:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A67C 0
731 B 49ms
48ms Script
text/html 68.67.160.25
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.25 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

563.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:34:41 GMT
X-Proxy-Origin: 5.181.234.157; 5.181.234.157; 563.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 410617a4-1707-494c-b1ef-1c9e0da114d8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK adscript.php Show response
adinplay.adspirit.de/ 327 B
1 KB 374ms
100ms Script
text/html 213.95.181.109
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

213.95.181.109 Oberschleissheim, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

webportal-adspirit.de

Software

Apache / PHP/7.3.29

Resource Hash

7dac41c03128eacdd521f978d01e20ef3b88ed337654f75fb2a8ce06c2deae7f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:34:41 GMT
Last-Modified: Tue, 22 Feb 2022 15:34:41 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Transfer-Encoding: chunked
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
x-ip: 5.181.234.157
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=3, max=1000
X-XSS-Protection: 0
Expires: 0

GET
H2 200 asm_pageview.min.js Show response
cdn.adspirit.de/banner/ 2 KB
1 KB 19ms
19ms Script
application/javascript 2a02:6ea0:c600::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/banner/asm_pageview.min.js
Requested by: Host: cdn.adspirit.de
URL: https://cdn.adspirit.de/adasync.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c600::11 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: chicagoUSIL
date: Tue, 22 Feb 2022 15:34:41 GMT
content-encoding: gzip
x-77-nzt-ray: OFLKMkd5kus
x-cache: HIT
x-age: 82748
x-77-nzt: Abn20QQpP+z/PEMBAA
x-accel-expires: @1645547733
last-modified: Tue, 11 Jun 2019 08:31:43 GMT
server: CDN77-Turbo
etag: W/"3762381252"
x-77-cache: HIT
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Sat, 08 Feb 2020 15:50:12 GMT

GET
H/1.1 200
OK adpageview.php
adinplay.adspirit.de/ 43 B
512 B 98ms
97ms Image
image/gif 213.95.181.109
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adinplay.adspirit.de/adpageview.php?&wsid=12&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1645544082014

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

213.95.181.109 Oberschleissheim, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),

Reverse DNS

webportal-adspirit.de

Software

Apache / PHP/7.3.29

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://virtualvacation.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 15:34:42 GMT
Last-Modified: Tue, 22 Feb 2022 15:34:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 03D9 28 B
50 B 23ms
23ms XHR
application/json 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Fe78ODqrhXQ?modestbranding=1&rel=0&start=40&playsinline=1&controls=0&showinfo=0&loop=1&enablejsapi=1&origin=https%3A%2F%2Fvirtualvacation.us&widgetid=1
X-YouTube-Client-Version: 1.20220216.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt0YkRRNl9jMjViOCiPhdSQBg%3D%3D
X-YouTube-Ad-Signals: dt=1645544080031&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 22 Feb 2022 15:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: wtV88jN-ijc
.youtube.com/	1970-01-20 05:24:56	Name: VISITOR_INFO1_LIVE Value: tbDQ6_c25b8
.virtualvacation.us/	1970-01-20 18:36:56	Name: _ga Value: GA1.2.392292864.1645544079
.virtualvacation.us/	1970-01-20 01:07:10	Name: _gid Value: GA1.2.1031972514.1645544079
.sharethis.com/	1970-01-20 09:51:20	Name: __stid Value: ZH8ACmIVAo8AAAAIEqxUAw==
.sharethis.com/	1970-01-20 09:51:20	Name: __stidv Value: 2
.virtualvacation.us/	1970-01-20 01:05:44	Name: _gat_gtag_UA_153516768_4 Value: 1
.virtualvacation.us/	1970-01-20 03:17:13	Name: CountryCode Value: US
.virtualvacation.us/	1970-01-20 03:17:13	Name: userFromEEA Value: false
.virtualvacation.us/	1970-01-20 09:51:20	Name: fpestid Value: qICVpd9Lr9ISoQvo_DIiohUP9ir4hL4BXny-1MG4UBfnnMg41aIrLxpbzZflkdUx9kjqiQ
.doubleclick.net/	1970-01-20 01:05:44	Name: test_cookie Value: CheckForPermission
.virtualvacation.us/	1970-01-20 10:27:20	Name: __gads Value: ID=fe12487ad5837178-2245bbf8c57b008a:T=1645544079:S=ALNI_Ma4sMaNAWXjeZuXtIDxPCAnFV1KQg
.t.sharethis.com/	1970-01-20 01:48:56	Name: pxcelPage_default_c010_B Value: 0_6_1645544079991
.adnxs.com/	1970-01-20 03:15:20	Name: uuid2 Value: 5903982933446169471
.adsrvr.org/	1970-01-20 09:51:20	Name: TDID Value: ace4bfa6-4fd3-4824-b803-4dafaaa0f4b5
.exelator.com/	1970-01-20 03:58:32	Name: EE Value: "2ca9f5ab31de387a8710e6f9d6fba8eb"
.adsymptotic.com/	1970-01-20 03:15:20	Name: U Value: 37d2949dac110ab3cc814e9dff24fd45
.ml314.com/	1970-01-20 09:51:20	Name: pi Value: 3625322215995604996
.adsrvr.org/	1970-01-20 09:51:20	Name: TDCPM Value: CAEYBSABKAIyCwjOrqOl8oi7OhAFOAE.
.exelator.com/	1970-01-20 03:58:32	Name: ud Value: "eJxrXxzq6XKLQcEoOdEyzTQxydgwJdXYwjzRwtzQINUszTLFLC0p0SI1aXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJiSX5RZvqi0ODFRSlpDItKik8F75%252FICQC%252F8yqu"
.crwdcntrl.net/	1970-01-20 07:34:30	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 07:34:30	Name: _cc_id Value: 1d76de1155f53fe7dff666ef5d961774
.rlcdn.com/	1970-01-20 09:51:20	Name: rlas3 Value: zaLQ75nFb7a4ZkKSu0fBEwmm0W09YzofbAB1aTfa7gA=
.eyeota.net/	1970-01-20 09:51:20	Name: mako_uid Value: 17f22120334-67680000010a444d
.eyeota.net/	1970-01-20 01:05:44	Name: SERVERID Value: 17485~DM
.rlcdn.com/	1970-01-20 02:32:08	Name: pxrc Value: CJCF1JAGEgUI6AcQABIFCNtOEAA=
adinplay.adspirit.de/	1970-01-20 01:48:56	Name: adinplayuxid Value: c57f5eaca520383d6d41bfb88bc1fb63c47aaf0ca281c89274c63e945488ba33

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adc1dabaf6b7ed6fb0f8404ec2e44173.safeframe.googlesyndication.com
adinplay.adspirit.de
adservice.google.com
afarkas.github.io
ajax.googleapis.com
api.adinplay.com
bcp.crwdcntrl.net
buttons-config.sharethis.com
cdn.adspirit.de
cdn.jsdelivr.net
cdnjs.cloudflare.com
count-server.sharethis.com
country.adinplay.workers.dev
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
l.sharethis.com
loadus.exelator.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
ml314.com
p.adsymptotic.com
pagead2.googlesyndication.com
platform-api.sharethis.com
platform-cdn.sharethis.com
ps.eyeota.net
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
sync.sharethis.com
t.sharethis.com
tpc.googlesyndication.com
unpkg.com
virtualvacation.us
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.w3schools.com
www.youtube.com
104.18.99.194
104.67.5.55
13.225.205.16
13.225.230.7
142.251.32.98
151.101.129.108
18.190.45.198
185.199.111.153
192.229.173.207
213.95.181.109
2600:9000:2140:4800:1d:85c3:6640:93a1
2600:9000:21ec:b400:c:abe:f440:93a1
2606:4700:3033::6815:45cd
2606:4700:3108::ac42:2b42
2606:4700::6810:135e
2606:4700::6810:5514
2606:4700::6810:7baf
2606:4700::6812:acf
2606:50c0:8002::153
2607:f8b0:4006:807::2003
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80c::2006
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2008
2607:f8b0:4023:1404::9d
2a02:6ea0:c600::11
3.129.242.122
3.33.220.150
34.231.251.31
35.190.60.146
52.0.156.250
54.80.152.36
54.85.224.115
68.67.160.25
0bc21ed88fdaf5f388e5fad84ed63f1f9b38803c995c1b30a0f75e3d85648b4e
1e8da50c64348fa9ba76bb4d1f87203aae1bdfd81fb81a5c96d113a4636748e2
1fe496c07fac51109659619aa985f0ccc90956577fdc367d6b36292a7ab3ab5d
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
262ebe8d8c357005c8c2a8faa838ba6f7bcfcd215dc829fc89e936cfed85e266
27aabc3490a7bd53a4fb7ffc7f6989fd6b491c481dafe635489f7a0b196595f3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34ab26c49efdbbeca6567e183ca38ad41691979e324b377d7a2328b44e0d23e4
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
351e3990008f02555b97289454404a70b7f471d5849445a5fe6b2135a6e48e5e
362d67b2832f4fd49adfb966f963bd0ec808a9ced1bfd21dceb8fa82a19429bc
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
386d6705d2d0272a475b99ea3da6e3fa565474e45128668f6daf3b9d71ed694d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784
4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34
4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3
49d5139ea6580787a03471ff60ccfb1d7159a041da154403928b3d97238d6448
5408b63b428b6d8948fc969701c59410123e6c3c2941e0824a6f913cb3e5a2c4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5d46dee7f7bcf947af690cf2d153c90fc78305ce2ab3af3b98ab0919b42e25b4
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
606af405d267f3b7e189d240152ba91b93e98b931514fd2f1ed004a73c1c2d55
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63fa39e458bb2113e456b725a11d932625510e05eee340ae351d361edca8b659
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
6b5ea808c08a220de6693a1bb2f6b9c32e628e5e3c9aafb2e80a772c492fc598
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7858e98d4a49fcf6c5705eced04d55eef3caae23c3de39bdc4f838bb35e5ac0d
78d76f6d29f3611b13b028444776438f99f827dab7a049878b76084dcad30069
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7cda11af090fd86b983db352266309382c9f441d8384f41ed2b19383346ccaca
7dac41c03128eacdd521f978d01e20ef3b88ed337654f75fb2a8ce06c2deae7f
8458c093b0772b8e8c13f08bcf4084affb63a0d8f6dc45f362ac844050ba77fd
87f79f2f506631ff7210d138d584afc5ba8d6966db6fdca9e6f98ff19002097b
8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017
8cf39397676875c07b6796362f24307fd96a4e4d78dc6df1562574023cddd2e5
95a393d0029fc7c029bbb7ccc2fb8181d603a069439e4c076290c300f9d743a3
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9b202ecbc6d45c6d8901d989a918878397a3eb9d00e8f48022fc051b19d21a1d
9b2459fe86499770da5300aa745e75a2a42a8438e3ced336f975b04dc1160cf5
9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46
a034073242b63a4bf8f20744f8cb4b4bb74e17464ecf7da2c2a001b082d5d3e8
a0a95f5345eee401264602894c9598cfd529818413f73a07346b7759580cffb5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad8c16cba8e1ea53090f06531b7fbd61b256c0b749b0c03bdfa645eb626a7993
b020a567020c15e833bb380277be210fcb69f60b2120952d7fab9f419312c626
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5c198693aa2381fa368e7bd7425cefa519ccb4877be9d669d67b37edf28cd9f
bc9a9a51f6b4b694a54e98e67ab73322e82bd8e27474d9f1fd5dd3112f5728e5
bcad6f3f12bb2b10ed5f96230e1d0e42c75bbcd3833a80cf874ba065b9c066cd
be48274a9a0273108bfc415139fa536157ee97f684a57f3023f00fbb19375d16
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c858b393dfc30fafa6c155823a2a747d793ca26288ab305128460be0a7f2a244
c88aa2c0c5121e3ab4df8cc8ad50e7432af4b7d8fd3420068c25e3c7206f442d
cb0ea1849d34d93d45b9b4ee9113edd8bafc1ad045abb052cd8b598f499a441e
cb52fafd0efae05e37e7144bd9251155f60b276b76923dfe31b1368b5d96a047
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da1e96273329820e5b057812cbd0ee310fa20e3861e7c1a40d80efe7e5d634f6
db9d3ccc95cbf9611e822c92c704b50751fa16e2d747f0220324633c5b603347
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
edf73ce2890d53a3e52005d155c869d164fd1e4ccad2b926e978e8b71ecf8e98
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f1848af4a450dd27d9e9e185368412d4184b07b2ba867ad7de41d0d721035675
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc70a8ac1580f5f81f01a290654460c27fcdb89b49652c63aad6089e8e16d4bb
fc859a334b3b155ea6a35004a2f2440cb32b957112dc270bfd1aa07eb909e08f
fd334f8addc0a2bdbcc7c44797360093418c44f4d2c7ca7db091f578ef31243c
febae1ff34e2aac13f3ad553f75f409f0dc7b29bd385a197565408bf2dff16c0

virtualvacation.us Open in urlscan Pro 185.199.111.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

93 Requests

90 %HTTPS

55 %IPv6

27 Domains

42 Subdomains

34 IPs

3 Countries

5974 kBTransfer

9431 kBSize

27 Cookies

9 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

virtualvacation.us Open in urlscan Pro
185.199.111.153 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

90 %
HTTPS

55 %
IPv6

27
Domains

42
Subdomains

34
IPs

3
Countries

5974 kB
Transfer

9431 kB
Size

27
Cookies

93 HTTP transactions
0 data transactions