gcpf4.530028.xyz Open in urlscan Pro
35.212.177.236 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gcpf4.530028.xyz/
Submission: On December 08 via api (December 8th 2024, 11:42:30 am UTC) from US — Scanned from DE

Summary HTTP 154 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 47 IPs in 3 countries across 33 domains to perform 154 HTTP transactions. The main IP is 35.212.177.236, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is gcpf4.530028.xyz.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on November 15th 2024. Valid for: 3 months.

This is the only time gcpf4.530028.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	35.212.177.236 35.212.177.236	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	52.5.91.204 52.5.91.204	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
3	69.164.205.112 69.164.205.112	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	157.240.0.174 157.240.0.174	32934 (FACEBOOK) (FACEBOOK)
4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	172.66.43.201 172.66.43.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2014	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2013	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
3	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
16	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
1	18.244.18.53 18.244.18.53	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.102 65.9.66.102	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
8	142.250.186.84 142.250.186.84	15169 (GOOGLE) (GOOGLE)
5	34.54.246.109 34.54.246.109	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	34.107.174.205 34.107.174.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:802::201b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.122.52 18.66.122.52	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2724:de00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2	54.160.94.255 54.160.94.255	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
8	2a04:4e42:400... 2a04:4e42:400::720	54113 (FASTLY) (FASTLY)
8	172.217.18.123 172.217.18.123	15169 (GOOGLE) (GOOGLE)
1	216.239.32.178 216.239.32.178	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:9f71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.214.86.103 18.214.86.103	14618 (AMAZON-AES) (AMAZON-AES)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.224.14.217 3.224.14.217	14618 (AMAZON-AES) (AMAZON-AES)
154	47

32 35.212.177.236 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 236.177.212.35.bc.googleusercontent.com

gcpf4.530028.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.91.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-91-204.compute-1.amazonaws.com

via.placeholder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

cdn.requestmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.164.205.112 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 69-164-205-112.ip.linodeusercontent.com

pxl.datafyhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.174 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: instagram-p42-shv-02-fra3.fbcdn.net

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.43.201 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

vcal-translation-dot-vca-translate-393817.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

g.amp.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-consumer-website-238721.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c5bc48686bc615a53e825055a4b5f751.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-53.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-102.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.36.54 (United States)

ASN15169 (GOOGLE, US)

us-central1-consumer-website-238721.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.84 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f20.1e100.net

vcal-translation-dot-vca-translate-393817.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.54.246.109 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.246.54.34.bc.googleusercontent.com

drupal-prod.visitcalifornia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.174.205 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.174.107.34.bc.googleusercontent.com

static.amp.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-52.fra60.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:de00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)

20830662p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.160.94.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-94-255.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

localhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:400::720 (United States)

ASN54113 (FASTLY, US)

amptravel.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.123 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f123.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:9f71 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.86.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-86-103.compute-1.amazonaws.com

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.14.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-14-217.compute-1.amazonaws.com

api.zetaglobal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	530028.xyz gcpf4.530028.xyz	3 MB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 c5bc48686bc615a53e825055a4b5f751.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 173	164 KB
12	appspot.com vcal-translation-dot-vca-translate-393817.uc.r.appspot.com	35 KB
9	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 314	385 KB
8	imgix.net amptravel.imgix.net — Cisco Umbrella Rank: 429805	154 KB
7	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5324 api.lightboxcdn.com — Cisco Umbrella Rank: 6356	137 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 329	157 KB
5	visitcalifornia.com drupal-prod.visitcalifornia.com — Cisco Umbrella Rank: 457302	109 KB
5	cloudfunctions.net us-central1-consumer-website-238721.cloudfunctions.net — Cisco Umbrella Rank: 577610	848 B
5	amp.travel g.amp.travel — Cisco Umbrella Rank: 290415 static.amp.travel — Cisco Umbrella Rank: 365882	26 KB
4	boomtrain.com cdn.boomtrain.com — Cisco Umbrella Rank: 5760 people.api.boomtrain.com — Cisco Umbrella Rank: 6066 events.api.boomtrain.com — Cisco Umbrella Rank: 8275	31 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	209 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	293 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
3	datafyhq.com pxl.datafyhq.com — Cisco Umbrella Rank: 151095	8 KB
2	localhood.com localhood.com — Cisco Umbrella Rank: 509465	178 B
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 19002 c.statcounter.com — Cisco Umbrella Rank: 11933	13 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	61 KB
2	narrative.io 1 redirects io.narrative.io — Cisco Umbrella Rank: 8673	536 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1531 insight.adsrvr.org — Cisco Umbrella Rank: 960	6 KB
1	zetaglobal.net api.zetaglobal.net — Cisco Umbrella Rank: 10011	932 B
1	rfihub.com 20830662p.rfihub.com — Cisco Umbrella Rank: 465176
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 514	295 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 4931	6 KB
1	gstatic.com www.gstatic.com	218 KB
1	rezync.com live.rezync.com — Cisco Umbrella Rank: 1388	4 KB
1	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3248	105 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 476	98 B
1	instagram.com www.instagram.com — Cisco Umbrella Rank: 1931	20 KB
1	requestmetrics.com cdn.requestmetrics.com — Cisco Umbrella Rank: 81398	14 KB
1	placeholder.com via.placeholder.com — Cisco Umbrella Rank: 35599	1 KB
154	33

	Domain	Requested by
32	gcpf4.530028.xyz	gcpf4.530028.xyz cdn.requestmetrics.com
16	pagead2.googlesyndication.com	cdn.requestmetrics.com gcpf4.530028.xyz securepubads.g.doubleclick.net pagead2.googlesyndication.com
12	vcal-translation-dot-vca-translate-393817.uc.r.appspot.com	cdn.requestmetrics.com
9	storage.googleapis.com	static.amp.travel
8	amptravel.imgix.net
7	cdn.cookielaw.org	www.googletagmanager.com cdn.requestmetrics.com cdn.cookielaw.org
6	www.lightboxcdn.com	gcpf4.530028.xyz www.lightboxcdn.com
5	drupal-prod.visitcalifornia.com
5	us-central1-consumer-website-238721.cloudfunctions.net	cdn.requestmetrics.com
4	g.amp.travel	gcpf4.530028.xyz g.amp.travel cdn.requestmetrics.com
4	securepubads.g.doubleclick.net	gcpf4.530028.xyz securepubads.g.doubleclick.net cdn.requestmetrics.com
4	www.googletagmanager.com	gcpf4.530028.xyz www.googletagmanager.com g.amp.travel
3	www.google-analytics.com	www.googletagmanager.com cdn.requestmetrics.com
3	www.google.com	gcpf4.530028.xyz www.googletagmanager.com www.gstatic.com
3	pxl.datafyhq.com	gcpf4.530028.xyz pxl.datafyhq.com
2	localhood.com	cdn.requestmetrics.com
2	people.api.boomtrain.com	cdn.requestmetrics.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	io.narrative.io	1 redirects
1	api.zetaglobal.net	cdn.requestmetrics.com
1	api.lightboxcdn.com	www.lightboxcdn.com
1	events.api.boomtrain.com	cdn.requestmetrics.com
1	20830662p.rfihub.com	c1.rfihub.net
1	geolocation.onetrust.com	cdn.requestmetrics.com
1	c.statcounter.com	cdn.requestmetrics.com
1	c1.rfihub.net	gcpf4.530028.xyz
1	cdn.boomtrain.com	gcpf4.530028.xyz
1	static.amp.travel	g.amp.travel
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	www.statcounter.com	www.googletagmanager.com
1	live.rezync.com	www.googletagmanager.com
1	t.contentsquare.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	c5bc48686bc615a53e825055a4b5f751.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ep1.adtrafficquality.google	cdn.requestmetrics.com
1	insight.adsrvr.org	js.adsrvr.org
1	idsync.rlcdn.com	pxl.datafyhq.com
1	www.instagram.com	gcpf4.530028.xyz
1	cdn.requestmetrics.com	gcpf4.530028.xyz
1	js.adsrvr.org	www.googletagmanager.com
1	via.placeholder.com	gcpf4.530028.xyz
154	43

This site contains links to these domains. Also see Links.

Domain
localhood.com
www.californiameetings.com
www.facebook.com
twitter.com
www.instagram.com
www.threads.net
www.pinterest.com
www.youtube.com
www.tiktok.com
www.visitcalifornia.com
www.visittheusa.com

Subject Issuer	Validity	Valid
gcpf4.530028.xyz ZeroSSL ECC Domain Secure Site CA	`2024-11-15` - `2025-02-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
placeholder.com Amazon RSA 2048 M02	`2024-11-26` - `2025-12-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
cdn.requestmetrics.com R11	`2024-12-03` - `2025-03-03`	3 months	crt.sh
pxl.datafyhq.com R11	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2024-10-17` - `2024-12-15`	2 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.appspot.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
g.amp.travel WR3	`2024-11-25` - `2025-02-23`	3 months	crt.sh
misc.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
t.contentsquare.net Amazon RSA 2048 M03	`2024-08-13` - `2025-09-10`	a year	crt.sh
*.rezync.com Amazon RSA 2048 M03	`2024-09-23` - `2025-10-20`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.visitcalifornia.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
static.amp.travel WR3	`2024-10-30` - `2025-01-28`	3 months	crt.sh
storage.googleapis.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.boomtrain.com Amazon RSA 2048 M02	`2024-01-10` - `2025-02-07`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2024-09-30` - `2025-10-29`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-08` - `2025-04-27`	a year	crt.sh
*.api.boomtrain.com Amazon RSA 2048 M02	`2024-08-16` - `2025-09-13`	a year	crt.sh
localhood.com WR3	`2024-11-16` - `2025-02-14`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2024 Q4	`2024-10-09` - `2025-11-10`	a year	crt.sh
lightboxcdn.com WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
api.lightboxcdn.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-09-14` - `2025-03-14`	6 months	crt.sh
app.zetaglobal.net Amazon RSA 2048 M02	`2024-03-15` - `2025-04-12`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://gcpf4.530028.xyz/
Frame ID: 484F4F498277412907143A695D52DCEC
Requests: 134 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=sma1pqq&ref=https%3A%2F%2Fgcpf4.530028.xyz%2F&upid=npzvnxc&upv=1.1.0&paapi=1
Frame ID: E1E26F613BD6B8A68AB14965042FC637
Requests: 1 HTTP requests in this frame

Frame: https://c5bc48686bc615a53e825055a4b5f751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 54223054CD7D3685146ACD54F1AA3D9B
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fgcpf4.530028.xyz
Frame ID: C45E40EE59129256FFC5AAC0A895BB08
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstLKEy1gFkXV_fUaIE5j2bb8SLViTwocYOu7F0yKKwbyyJeoCQUAC-EzdwAp9dgkfHPDh0gu237G6TZs8-bfrFo9jhLsnnGlME7nSQUcHod1-8DKWguezBZXfd3zrBrAPXLMAb3ClwQbST1KSVY1PsrsT-O7GLO9ONOC9mS2JLxbXf3Im3Z5tEWC_pnAB_rT0bJEb1XPg4T5A6YzpOnrdhsTZZL64kbe9xM9nm8pbjlY6ItGMNmLTmn_AWFUUhT4jSpdQaZhjOUp30j0b_DdRSpqb7LouDvVHO0H34FQA70odVG2L7xnrPHmu_ZRGjYDqsKU6Eh0NjNY6GxAO69901GrYdwn_K-dxbNPvGR_F_j65Y0MdWbQJSXTpvpjCCx3lct1KX8zqZfTDZQoj2wWaqh8Qbdc32EW7X3tqFB0NOz3ClvvP1mpaTtc03eEQ&sig=Cg0ArKJSzD2CALed9T3zEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 90186491EFF515DD21E1BD9E357AEAFA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstRo9vroPpO_yGoMKXpZEvbzuQsBnyFh2hSMuvrYIrJ2heizjt5rLiuXsoSBtU_TdLh7ajC3f5G2Vc-0EizPNPonhvl6vGBUrL074ULuP61nHuJuc552cJCAGgtOE1xaEF7kFuyUxK_yecB9crboxQkewJSKEvjJnnq7R8ChWg5UcbNS8oXDrPJnkyiSO4q15Mx_2Sh2QR8azKQmeHs5Qo3vXuUFLFncvXA5ckRUdBPqyJqvKefdJjZb2d_xTNhWBbXGvZ5aH9BT1pV8FmdrpvVQ_Y17hwvTalTD71I7F6hFvfmhj9V4ZkThZhOOHZI-HXR-Trg1Cn0IGrlGEjf6S-rXN-a49vM3tm-RiFPlPUKcPucpV_x7porDnsAH4wfmbj081UgRl7ND-azs3q16feCQyRh9ir3aQderLml84xISgYUbFpktYUSVzeFqg&sig=Cg0ArKJSzPY33HtEuwsbEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F6238F9EE79B5FD075EC5F9C94E4CE3F
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfsymQpAAAAAJijhzl5RcZC9X4mARhDisyXsaQk&co=aHR0cHM6Ly9nY3BmNC41MzAwMjgueHl6OjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=t0ea2qok50dv
Frame ID: 521615DC51293299E57A7E4C5B859EB4
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 95A2CC438FB9FE39492B59EED767075F
Requests: 1 HTTP requests in this frame

Frame: https://20830662p.rfihub.com/ca.html?ver=9&rb=43692&ca=20830662&_o=43692&_t=20830662&userid=3e79f006-feef-4ce2-87eb-ae1a71f2f2d0%3A1733658145.2124546&pe=https%3A%2F%2Fgcpf4.530028.xyz%2F&pf=&ra=02103203652485841
Frame ID: 9E78E9A1C4BFA5391CD3D1C6734795BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Visit California - Official Travel & Tourism Website

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lightbox (JavaScript Libraries) Expand

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Page Statistics

154
Requests

99 %
HTTPS

37 %
IPv6

33
Domains

43
Subdomains

47
IPs

3
Countries

5193 kB
Transfer

11292 kB
Size

33
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://localhood.com/stories/6ae6fbf4-f26a-47c3-82d2-7b9bc5efcdf6/find-peace-and-joy-in-los-osos-ca?networkUuid=87d6df5e-75e8-4b8b-96ca-46619f44be7b&gvid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&acid=c13428f4-516c-4676-afa5-4ab9d84c8782
Title: Finden Sie Frieden und Freude in Los Osos, CA

Search URL Search Domain Scan URL

URL: https://localhood.com/stories/ae2a9148-4034-46b6-9be4-23ec1518e504/best-winter-attractions-in-fresno-county-2024?networkUuid=87d6df5e-75e8-4b8b-96ca-46619f44be7b&gvid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&acid=c13428f4-516c-4676-afa5-4ab9d84c8782
Title: Beste Winterattraktionen im Fresno County 2024

Search URL Search Domain Scan URL

URL: https://localhood.com/stories/531f94ee-c0d5-4c72-b25e-778ab002e825/4-epic-snow-adventures-in-norcal?networkUuid=87d6df5e-75e8-4b8b-96ca-46619f44be7b&gvid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&acid=c13428f4-516c-4676-afa5-4ab9d84c8782
Title: 4 epische Schneeabenteuer in Norcal

Search URL Search Domain Scan URL

URL: https://localhood.com/stories/8a02c172-66e0-4561-bd46-18a519e63d54/2024-best-things-to-do-during-the-holidays-in-california?networkUuid=87d6df5e-75e8-4b8b-96ca-46619f44be7b&gvid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&acid=c13428f4-516c-4676-afa5-4ab9d84c8782
Title: Die besten Unternehmungen während der Feiertage in Kalifornien im Jahr 2024

Search URL Search Domain Scan URL

URL: https://localhood.com/stories/d081b999-b1b9-423b-8de4-f97c1c36d1b7/preston-castle-near-elk-grove?networkUuid=87d6df5e-75e8-4b8b-96ca-46619f44be7b&gvid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&acid=c13428f4-516c-4676-afa5-4ab9d84c8782
Title: Preston Castle in der Nähe von Elk Grove

Search URL Search Domain Scan URL

URL: https://localhood.com/stories/97dea22e-c811-4314-89b8-efad6efea220/tips-to-slay-black-friday-at-the-camarillo-premium-outlets?networkUuid=87d6df5e-75e8-4b8b-96ca-46619f44be7b&gvid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&acid=c13428f4-516c-4676-afa5-4ab9d84c8782
Title: Tipps für einen gelungenen Black Friday in den Camarillo Premium Outlets

Search URL Search Domain Scan URL

URL: https://localhood.com/stories/bbc6f7bb-7105-4c4c-812a-5abd67b12470/4-ways-to-create-holiday-memories-in-el-dorado-county-ca?networkUuid=87d6df5e-75e8-4b8b-96ca-46619f44be7b&gvid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&acid=c13428f4-516c-4676-afa5-4ab9d84c8782
Title: 4 Möglichkeiten, Urlaubserinnerungen in El Dorado County, CA zu schaffen

Search URL Search Domain Scan URL

URL: https://localhood.com/stories/9968f3e1-971b-486f-9263-b73459067cc0/five-amazing-gift-ideas-to-find-in-claremont?networkUuid=87d6df5e-75e8-4b8b-96ca-46619f44be7b&gvid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&acid=c13428f4-516c-4676-afa5-4ab9d84c8782
Title: FÜNF tolle Geschenkideen für Claremont

Search URL Search Domain Scan URL

URL: https://www.californiameetings.com/
Title: Tagungen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VisitCalifornia

Search URL Search Domain Scan URL

URL: https://twitter.com/VisitCA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/visitcalifornia

Search URL Search Domain Scan URL

URL: https://www.threads.net/@visitcalifornia

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/visitcalifornia

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/VisitCA

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@visitcalifornia

Search URL Search Domain Scan URL

URL: https://www.visitcalifornia.com/newsletter-request

Search URL Search Domain Scan URL

URL: https://www.visittheusa.com/

Search URL Search Domain Scan URL

URL: https://www.visitcalifornia.com/privacy-policy/
Title: Datenschutz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://io.narrative.io/?companyId=1186&id=datafy_id:1-iopx4uv9-m4fjap4l HTTP 302
https://io.narrative.io/?companyId=1186&id=datafy_id%3A1-iopx4uv9-m4fjap4l&io.narrative.guid.v2=c4bd3b28-cf05-4f3a-9adf-c2a5ef8ea53a

154 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gcpf4.530028.xyz/ 1 MB
1 MB 914ms
464ms Document
text/html 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy nginx /

Resource Hash

77f30cce021415728d4b997cc09fda90ee64f806159bc71ee5132201bf90cc38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 1162485
content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Sun, 08 Dec 2024 11:42:22 GMT
etag: "67544d4e-11bcf5"
last-modified: Sat, 07 Dec 2024 13:27:42 GMT
server: Caddy nginx
strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: HIT
x-sucuri-id: 11005
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 489 KB
141 KB 134ms
59ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b522c863062c22bf6dc5af81031a9c397df7d53dc3366055c75a197194def0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 08 Dec 2024 11:42:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 08 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 143551
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 logos.svg
gcpf4.530028.xyz/assets/logo/ 52 KB
52 KB 196ms
195ms Other
image/svg+xml 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/assets/logo/logos.svg

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

0f81f7ae4b468cd577eb83e4a2e07129c8f8a264c48f989ecda6b2c683e82424

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
etag: "67544cc7-cf19"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: image/svg+xml
last-modified: Sat, 07 Dec 2024 13:25:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
accept-ranges: bytes
content-length: 53017
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 sprite.svg
gcpf4.530028.xyz/assets/svg/ 741 KB
742 KB 181ms
181ms Other
image/svg+xml 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/assets/svg/sprite.svg

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

ee326c0043473ac22a3e9392cf006476f6fe98ece7efcd747b90385023f947ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
etag: "67544cc7-b94ad"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: image/svg+xml
last-modified: Sat, 07 Dec 2024 13:25:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
accept-ranges: bytes
content-length: 758957
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 beach-ball-transparent-NOSHADOW-updated.png
gcpf4.530028.xyz/assets/images/ultimate-playground/ 2 KB
3 KB 201ms
200ms Image
image/png 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcpf4.530028.xyz/assets/images/ultimate-playground/beach-ball-transparent-NOSHADOW-updated.png

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

0cc1ae5180a5da898086e2d0998b32022bfff4729867fc40307200ce8f93a86e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
etag: "67544cc7-9e7"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: image/png
last-modified: Sat, 07 Dec 2024 13:25:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
accept-ranges: bytes
content-length: 2535
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 250x350
via.placeholder.com/ 1006 B
1 KB 314ms
115ms Image
image/png 52.5.91.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/250x350?text=%20
Requested by: Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.91.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-91-204.compute-1.amazonaws.com
Software: Werkzeug/2.2.2 Python/3.9.16 /
Resource Hash: 02f964ec469bc98fb6990ac27211c6df1035e0ce2a0bf67575bdedcd6312cb71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: public, max-age=31557600
content-length: 1006
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: image/png
server: Werkzeug/2.2.2 Python/3.9.16

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 41ms
10ms Script
application/javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bdc14b4be4e94f9632852f2a3dd7de94ffe204eac05a91c1064bf028f4457c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"7a3b6d6301e5c150449a213f0d0bcee2"
Age: 27656
Connection: keep-alive
Via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: D0kx1jUu38BV7xuAPqgfO0AxYmhOeK4zWrAKpO9QE0jaP7yWmi4DBA==
Date: Sun, 08 Dec 2024 04:01:28 GMT
Content-Type: application/javascript
Last-Modified: Tue, 03 Dec 2024 04:00:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
x-amz-server-side-encryption: AES256

GET
H2 200 rm.js Show response
cdn.requestmetrics.com/agent/current/ 42 KB
14 KB 100ms
18ms Script
application/javascript 2400:52e0:1e00::1080:1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.requestmetrics.com/agent/current/rm.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),

Reverse DNS

Software

BunnyCDN-DE1-1080 /

Resource Hash

9898cc923a79b191286afb3562d20d5ec3201492a5432e0625a8d4f4795281c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer: https://gcpf4.530028.xyz/

Response headers

cdn-status: 200
x-fastly-request-id: a6f5b4fd3e9a052c8818d576d837e4f6794eef49
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "66e83abb-a889"
age: 0
x-proxy-cache: MISS
x-cache: HIT
last-modified: Mon, 16 Sep 2024 14:03:39 GMT
content-type: application/javascript; charset=utf-8
x-cache-hits: 0
cdn-cache: HIT
cdn-cachedat: 12/08/2024 00:04:10
cache-control: public, max-age=1200
cdn-requestpullsuccess: True
x-timer: S1733616250.069160,VS0,VE105
cdn-pullzone: 1606496
cdn-proxyver: 1.06
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1080
cdn-requestcountrycode: DE
x-github-request-id: 09A2:D497E:656050:691052:6753FA10
date: Sun, 08 Dec 2024 11:42:23 GMT
vary: Accept-Encoding
x-served-by: cache-fra-eddf8230081-FRA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
strict-transport-security: max-age=31556952
cdn-requesttime: 0
timing-allow-origin: *
cdn-uid: cd4e6a4c-6811-495a-bea9-94fbb4c46859
cdn-requestid: a29c334e595b787b94c8772382b8a2fc
via: 1.1 varnish
permissions-policy: interest-cohort=()
access-control-allow-origin: *

GET
H/1.1 200
OK pxl.js Show response
pxl.datafyhq.com/js/ 8 KB
8 KB 417ms
129ms Script
application/javascript 69.164.205.112
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pxl.datafyhq.com/js/pxl.js?t=1733702400000
Requested by: Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.164.205.112 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 69-164-205-112.ip.linodeusercontent.com
Software: nginx /
Resource Hash: fff27f96b033956984a23a3ba11b734a8d1ef304923157c10e700502a2d031de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

ETag: "65415146-1e88"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7816
Date: Sun, 08 Dec 2024 11:42:23 GMT
Content-Type: application/javascript
Last-Modified: Tue, 31 Oct 2023 19:11:02 GMT
Server: nginx

GET
H2 200 webpack-runtime-e3dd46468a737abf934c.js Show response
gcpf4.530028.xyz/ 10 KB
5 KB 269ms
267ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

afeba33ae67b070fa6f3d824033de12271616fee3c530dba7c148e3ef1679e01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c03-2988"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 framework-eb478bac7ed853c67b24.js Show response
gcpf4.530028.xyz/ 138 KB
52 KB 269ms
268ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/framework-eb478bac7ed853c67b24.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

0c50cc1320d63b1dbd4b7df95479d9f5b0afd32e0088ac428f3ae5fa9f046284

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-2284d"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 app-0b9ebd39eed651a9fdc9.js Show response
gcpf4.530028.xyz/ 955 KB
171 KB 272ms
271ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/app-0b9ebd39eed651a9fdc9.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

6078c49b2f8a9196f2a2ad9f8294bdc68cfbdd76d23dca87060800c4ce9bbbc9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-eede5"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H3 200 embed.js Show response
www.instagram.com/ 57 KB
20 KB 217ms
195ms Script
application/x-javascript 157.240.0.174
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.174 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p42-shv-02-fra3.fbcdn.net

Software

Resource Hash

cf9a8aed2d3b15477ded6eb22cb8bc258ac9502841eb822372c712e7386a20b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: p5IeuseZIEFdWx9WoDFEdg==
access-control-expose-headers: X-FB-Content-MD5
x-stack: www
content-encoding: zstd
etag: "21256d23c54d71a10590a5d8516c6b27"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 12:02:23 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=1200s
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-fb-content-md5: 6cf606b91ca671e8293608f1f298d835
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-debug: jgiFg5MqzCFiwUn4UqUXh0K5IH2AZC5LxtAlI1g3yoM6P6nPqu7YlAxjLi8HYOQemzzpbslXkDa31SSbu0LUCQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 20727
origin-agent-cluster: ?1

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 54ms
25ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

c3146c4b106cf855c4786a5ef182b537b47ddf6d3347be9499898f7a9b2a1805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: 925 / 20065 / m202412030101 / config-hash: 17564011173285401629
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:42:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33389
x-xss-protection: 0
server: cafe

GET
H2 200 newport-header-homepage-min.webp
gcpf4.530028.xyz/assets/images/ultimate-playground/ 132 KB
132 KB 290ms
289ms Image
image/webp 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcpf4.530028.xyz/assets/images/ultimate-playground/newport-header-homepage-min.webp

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

891749bde8a448b1176097ee85dd6ad16f2248f592fcb7ecb411dc149adc79df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
etag: "67544cc7-210ea"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: image/webp
last-modified: Sat, 07 Dec 2024 13:25:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
accept-ranges: bytes
content-length: 135402
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 square-topographic-lines.svg
gcpf4.530028.xyz/assets/images/newsletter/ 103 KB
103 KB 314ms
313ms Image
image/svg+xml 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcpf4.530028.xyz/assets/images/newsletter/square-topographic-lines.svg

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

d7f1ca01128e1acda540c8a0d3e57e480dc12f188f0572e1e61c8f7441af8bcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
etag: "67544cc7-19d06"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: image/svg+xml
last-modified: Sat, 07 Dec 2024 13:25:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
accept-ranges: bytes
content-length: 105734
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer

Response headers

Content-Type: font/woff2

GET
H2 200 raleway-latin-300-normal-7ca3602ac0d79f5abd8f237335816a12.woff2
gcpf4.530028.xyz/static/ 22 KB
22 KB 432ms
431ms Font
font/woff2 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/static/raleway-latin-300-normal-7ca3602ac0d79f5abd8f237335816a12.woff2

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

35c074f93b228f96cc96180fccae25f9781cb941eb66d3067f244f147519dc84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
etag: "67544bfd-5790"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: font/woff2
last-modified: Sat, 07 Dec 2024 13:22:05 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
accept-ranges: bytes
content-length: 22416
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/ 497 KB
153 KB 9ms
9ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: 6831530709922679929
age: 28315
x-content-type-options: nosniff
expires: Mon, 08 Dec 2025 03:50:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 03:50:28 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157012
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
83 B 25ms
24ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gcpf4.530028.xyz

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e306a55f53d75556cc48fe3bdbfb88920c77b7b36da6bd376b550cd9154ce27b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:42:23 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 59
date: Sun, 08 Dec 2024 11:42:23 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 10ms
9ms Other
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 30839
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 03:08:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 08 Dec 2024 03:08:24 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 app-data.json Show response
gcpf4.530028.xyz/page-data/ 50 B
151 B 245ms
244ms XHR
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/app-data.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

1fb073629a358cd9155c35c68f414dc8e111e2ffff55c33089e642cac8b1204c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cbf-32"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:19 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

GET
H2 200 page-data.json Show response
gcpf4.530028.xyz/page-data/index/ 380 KB
64 KB 180ms
180ms XHR
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/index/page-data.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

84eda368a03f6acd41d4480e6471281e3421a19bbe08098c038ea41f214b66ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cc5-5f0a3"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:25 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

POST
H2 451 712236.gif
idsync.rlcdn.com/ 0
98 B 57ms
17ms Ping
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/712236.gif?partner_uid=1-iopx4uv9-m4fjap4l
Requested by: Host: pxl.datafyhq.com
URL: https://pxl.datafyhq.com/js/pxl.js?t=1733702400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 08 Dec 2024 11:42:23 GMT

POST
H/1.1 200
OK pxl
pxl.datafyhq.com/imp/ 43 B
287 B 135ms
134ms Ping
application/octet-stream 69.164.205.112
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pxl.datafyhq.com/imp/pxl?id=CA-CAL-001&uid=1-iopx4uv9-m4fjap4l&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fgcpf4.530028.xyz%2F&rl=&ts=1733658143466&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=Visit%20California%20-%20Official%20Travel%20%26%20Tourism%20Website&bn=Chrome%20131&md=false&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&tz=-60&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=
Requested by: Host: pxl.datafyhq.com
URL: https://pxl.datafyhq.com/js/pxl.js?t=1733702400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.164.205.112 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 69-164-205-112.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

ETag: "623ce7b6-2b"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Date: Sun, 08 Dec 2024 11:42:23 GMT
Content-Type: application/octet-stream
Last-Modified: Thu, 24 Mar 2022 21:50:46 GMT
Server: nginx

POST
H/1.1 200
OK pixel.gif
pxl.datafyhq.com/ 43 B
272 B 267ms
130ms Ping
image/gif 69.164.205.112
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pxl.datafyhq.com/pixel.gif?partner_uid=1-iopx4uv9-m4fjap4l
Requested by: Host: pxl.datafyhq.com
URL: https://pxl.datafyhq.com/js/pxl.js?t=1733702400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.164.205.112 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 69-164-205-112.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

ETag: "623bed6f-2b"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Date: Sun, 08 Dec 2024 11:42:24 GMT
Content-Type: image/gif
Last-Modified: Thu, 24 Mar 2022 04:02:55 GMT
Server: nginx

GET
H3

204

/
io.narrative.io/
Redirect Chain

https://io.narrative.io/?companyId=1186&id=datafy_id:1-iopx4uv9-m4fjap4l
https://io.narrative.io/?companyId=1186&id=datafy_id%3A1-iopx4uv9-m4fjap4l&io.narrative.guid.v2=c4bd3b28-cf05-4f3a-9adf-c2a5ef8ea53a

0
201 B

25ms
25ms

Ping
text/plain

172.66.43.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://io.narrative.io/?companyId=1186&id=datafy_id%3A1-iopx4uv9-m4fjap4l&io.narrative.guid.v2=c4bd3b28-cf05-4f3a-9adf-c2a5ef8ea53a
Protocol: H3
Server: 172.66.43.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: no-cache
cf-ray: 8eec7de80ce2d2bb-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 08 Dec 2024 11:42:24 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=4,i

Redirect headers

location: https://io.narrative.io/?companyId=1186&id=datafy_id%3A1-iopx4uv9-m4fjap4l&io.narrative.guid.v2=c4bd3b28-cf05-4f3a-9adf-c2a5ef8ea53a
cf-ray: 8eec7de7cc33d2bb-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Sun, 08 Dec 2024 11:42:23 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=4,i

GET
H2 200 up
insight.adsrvr.org/track/ Frame E1E2 0
0 111ms
34ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=sma1pqq&ref=https%3A%2F%2Fgcpf4.530028.xyz%2F&upid=npzvnxc&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://gcpf4.530028.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Sun, 08 Dec 2024 11:42:24 GMT
server: Kestrel

GET
H2 200 favicon.ico
gcpf4.530028.xyz/assets/favicons/ 15 KB
15 KB 183ms
182ms Other
image/x-icon 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/assets/favicons/favicon.ico?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

6bcb47d0a18bbf00d4b8c88051c3cccd02ca08231feac182c027ee7fd733f763

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
etag: "67544cc7-3aee"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: image/x-icon
last-modified: Sat, 07 Dec 2024 13:25:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
accept-ranges: bytes
content-length: 15086
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 75fc9c18-e4c13fa1bc21a7a6cefb.js Show response
gcpf4.530028.xyz/ 59 KB
22 KB 195ms
195ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/75fc9c18-e4c13fa1bc21a7a6cefb.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

d2191676019b763556ec2f32bf3923dfa438955907120e1847f5380b9977f6c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-ec14"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 75fe681df47caac04f60c1043f2ca04a5c7d42c1-b3ca3885f227373bb660.js Show response
gcpf4.530028.xyz/ 94 KB
35 KB 180ms
179ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/75fe681df47caac04f60c1043f2ca04a5c7d42c1-b3ca3885f227373bb660.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

8c045074b90fad4e2d59ad444ab1bda7f1583a590f4f8e4a8ee2e2fa102875da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-1773a"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 b6bc7df12b966f8bd4f5ae30cb9679b489208dbc-1f9fb6b2447fa7616c97.js Show response
gcpf4.530028.xyz/ 15 KB
6 KB 218ms
217ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/b6bc7df12b966f8bd4f5ae30cb9679b489208dbc-1f9fb6b2447fa7616c97.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

5431c27eefe7946e2711e7497567de2742ae74b2bfc68df6c34ba2b31d2d5d87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-3b22"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 cd7fd9ab601080eb751d362953f4a08feee27316-55fac3ea648957eec1b7.js Show response
gcpf4.530028.xyz/ 484 KB
160 KB 212ms
210ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/cd7fd9ab601080eb751d362953f4a08feee27316-55fac3ea648957eec1b7.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

74714a1dd5b6cdf068f0b158bb7899455249673a487e7ba6e0edc573bd4aa56f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-78faf"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 2b89054713eba59982f4579cf3a82ef14486fbd4-62375d069e4a6d4f824d.js Show response
gcpf4.530028.xyz/ 136 KB
46 KB 226ms
224ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/2b89054713eba59982f4579cf3a82ef14486fbd4-62375d069e4a6d4f824d.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

a746fb08e1d4e8a13187442d9cd67d8ed4e18eb3b744fcec8789b5ac3a25750b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-22038"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 681d4f5b3e5db4de1aad6a6bf885324e73ec40cf-434defc78be44e812765.js Show response
gcpf4.530028.xyz/ 9 KB
4 KB 238ms
237ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/681d4f5b3e5db4de1aad6a6bf885324e73ec40cf-434defc78be44e812765.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

af9282d84eb61458a1640347148cd928f04010410950a4c1c60a23dacdaf895c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-2409"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 ba35d638c74e45f75ed0c62fbb972cbebae09356-0b8f6d3307b135c3c245.js Show response
gcpf4.530028.xyz/ 27 KB
7 KB 224ms
223ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/ba35d638c74e45f75ed0c62fbb972cbebae09356-0b8f6d3307b135c3c245.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

d7918d06eb97a16e3bbdff8153388fb4f85db194c9f3f5af891bcea3fc99cb05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-6ddf"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 b91a1e031b00b38071bf9b0915ef9ef137c8da05-6e8cd1f263a470c08e13.js Show response
gcpf4.530028.xyz/ 143 KB
52 KB 233ms
232ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/b91a1e031b00b38071bf9b0915ef9ef137c8da05-6e8cd1f263a470c08e13.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

57e8a0b6b924486efb610cd3ec104ee7c3ff3db96c8a467238e14730dd7c5d2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c04-23b78"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 component---src-templates-static-index-jsx-c395376dff044c1db3d0.js Show response
gcpf4.530028.xyz/ 59 KB
17 KB 245ms
244ms Script
application/javascript 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/component---src-templates-static-index-jsx-c395376dff044c1db3d0.js

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/webpack-runtime-e3dd46468a737abf934c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

632065ebf74f55585df1f941d9e896e730f4f360f2de0b51c557121058dfeffe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
content-encoding: gzip
etag: W/"67544c03-eb3c"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
content-type: application/javascript
last-modified: Sat, 07 Dec 2024 13:22:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H2 200 443949479.json Show response
gcpf4.530028.xyz/page-data/sq/d/ 29 KB
6 KB 226ms
225ms XHR
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/sq/d/443949479.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

fca2991a9d937fb463cfff4f400700e357bad14b19dfbe854e7e2d1eca461438

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544ca3-7582"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:24:51 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 /
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ Frame 0
0 172ms
128ms Preflight
text/html 2a00:1450:4001:828::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gcpf4.530028.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://gcpf4.530028.xyz
allow: POST, HEAD, GET, OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 08 Dec 2024 11:42:24 GMT
server: gunicorn
vary: Origin
via: 1.1 google

OPTIONS
H2 200 /
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ Frame 0
0 188ms
145ms Preflight
text/html 2a00:1450:4001:828::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gcpf4.530028.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://gcpf4.530028.xyz
allow: POST, HEAD, GET, OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 08 Dec 2024 11:42:24 GMT
server: gunicorn
vary: Origin
via: 1.1 google

GET
H2 200 js Show response
g.amp.travel/v2/ 53 KB
15 KB 281ms
145ms Script
application/javascript 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.amp.travel/v2/js
Requested by: Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/app-0b9ebd39eed651a9fdc9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 3cd821e898113fd988b2fd844052c13d3b51050a95e45f150f69876018e7281f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

server: Google Frontend
cache-control: public, max-age=0
content-encoding: gzip
etag: W/"d496-18d12a04d80"
accept-ranges: bytes
access-control-allow-origin: *
date: Sun, 08 Dec 2024 11:42:24 GMT
last-modified: Tue, 16 Jan 2024 14:15:12 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 geolocation Show response
us-central1-consumer-website-238721.cloudfunctions.net/ 85 B
335 B 208ms
153ms XHR
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-consumer-website-238721.cloudfunctions.net/geolocation
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 31e629ca95cab906ede98b24a427693d834d94c54533317c667f897b78e27f34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
function-execution-id: 5v0opyhwpntu
date: Sun, 08 Dec 2024 11:42:24 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: Google Frontend
x-cloud-trace-context: 3e5059cbc406c9df7888b176e6134f8d

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 45ms
22ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LfsymQpAAAAAJijhzl5RcZC9X4mARhDisyXsaQk

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/app-0b9ebd39eed651a9fdc9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

ESF /

Resource Hash

fb1f54cd1c05570b21edb93fc316211d36b38b83ad11ae93d526ac560e1ed0d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:42:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 08 Dec 2024 11:42:24 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 52 KB
4 KB 175ms
144ms XHR
application/json 2a00:1450:4001:828::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: gunicorn /
Resource Hash: 805255ead0cb114efc7f63986afc9f5e07f8dc6cc7092cfb8def2ada799af135

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:24 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

POST
H2 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 9 KB
900 B 155ms
144ms XHR
application/json 2a00:1450:4001:828::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: gunicorn /
Resource Hash: d2ebc07d9b48735de88287cbdcdab6f02070dddd7b237e8813a5098b6cf61845

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:24 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

GET
H2 200 geolocation Show response
us-central1-consumer-website-238721.cloudfunctions.net/ 85 B
192 B 276ms
134ms XHR
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-consumer-website-238721.cloudfunctions.net/geolocation
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 31e629ca95cab906ede98b24a427693d834d94c54533317c667f897b78e27f34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
function-execution-id: 5v0osppbvh39
date: Sun, 08 Dec 2024 11:42:24 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: Google Frontend
x-cloud-trace-context: b9586ebf672e17a348f284dd517dcc85

GET
H2 200 VCA_CANOW_Primary_color-09aafea9846115860db829e1a4744bcd.png
gcpf4.530028.xyz/static/ 22 KB
22 KB 353ms
353ms Image
image/png 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gcpf4.530028.xyz/static/VCA_CANOW_Primary_color-09aafea9846115860db829e1a4744bcd.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

97b9c5a3ad219e2be2b99a81642efa864e282bf0a4bc7c137023620bd71b1060

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
etag: "67544c00-5858"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:24 GMT
content-type: image/png
last-modified: Sat, 07 Dec 2024 13:22:08 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
cache-control: max-age=315360000
via: 1.1 google
accept-ranges: bytes
content-length: 22616
x-xss-protection: 1; mode=block
server: Caddy, nginx

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 62ms
31ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412030101&st=env

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

78513e8df8f8c6c44df966086f515c9a852a2bad48bb50fb67a454d586240d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13157
date: Sun, 08 Dec 2024 11:42:24 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 72 KB
26 KB 122ms
78ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3350260733021097&correlator=1213013853139979&eid=31089345%2C31086810&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fif&iu_parts=53084370%2Cvca-midpage-leaderboard%2Cvca-homepage-leaderboard-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1733658144743&lmt=1733578062&adxs=640&adys=1796&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgcpf4.530028.xyz%2F&vis=1&psz=1600x144&msz=1600x144&fws=4&ohw=1600&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733658142406&idt=1482&adks=727844727&frm=20&td=1&tan=2e1077e9-3d17-423f-a477-a378fc5b3963&tdf=2

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

03d7ae30c5155748cbfc90be3387fa73527d1bd7ac87959de0140b762b181647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
google-lineitem-id: 6832715273
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 08 Dec 2024 11:42:24 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138496907830
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://gcpf4.530028.xyz
content-length: 26791
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 72 KB
26 KB 124ms
86ms Fetch
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3350260733021097&correlator=1213013853139979&eid=31089345%2C31086810&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fif&iu_parts=53084370%2Cvca-midpage-leaderboard%2Cvia-homepage-leaderboard-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1733658144748&lmt=1733578062&adxs=640&adys=4834&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgcpf4.530028.xyz%2F&vis=1&psz=1600x144&msz=1600x144&fws=4&ohw=1600&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733658142406&idt=1482&adks=2639217346&frm=20&td=1&tan=2e1077e9-3d17-423f-a477-a378fc5b3964&tdf=2

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

82c7a23d9d1373043ab2ef23f103d02af4542a1abbec078c5e8bfbf00cbed181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
google-lineitem-id: 6831389653
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 08 Dec 2024 11:42:24 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138496904968
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://gcpf4.530028.xyz
content-length: 26757
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
c5bc48686bc615a53e825055a4b5f751.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5422 0
0 176ms
27ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5bc48686bc615a53e825055a4b5f751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcpf4.530028.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Dec 2024 11:42:24 GMT
expires: Sun, 08 Dec 2024 11:42:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect
www.google.com/ccm/ 0
0 37ms
36ms Ping
text/plain 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fgcpf4.530028.xyz%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=377733366.1733658145&auid=497017315.1733658145&npa=1&gtm=45He4c40v832329070za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&tft=1733658144807&tfd=3322&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

GET
H2 200 hotjar-2553354.js Show response
static.hotjar.com/c/ 13 KB
6 KB 162ms
19ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2553354.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

6a23e2f8c8b6610312f1db7d0d40c665452f20379c58e48dc8839da146dfbb6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: W/e4638ef87666374fe6ddbf13a8d790f4
age: 46
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: KTjjsjXEf54eeBGThwhw-TX7Tihi5tNoaz569740iuvPiU3yjl8kNQ==
date: Sun, 08 Dec 2024 11:41:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2

GET
H2 200 72c6351113b61.js Show response
t.contentsquare.net/uxa/ 447 KB
105 KB 342ms
17ms Script
application/javascript 18.244.18.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/72c6351113b61.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b9b9a045cfc82e71045ed0cb9d8d6e2cf13687c89611418e7c6f61dad665c33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: "24afdbb269df11919a37ed88adba0fd8"
age: 0
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: cjBR5ergxBgavpobGKyvgBaEgGwDRdkDEnlZodtIrDo7EJkwBkb8Ag==
date: Fri, 06 Dec 2024 06:02:20 GMT
content-type: application/javascript;charset=utf-8
vary: accept-encoding, Origin
last-modified: Wed, 20 Nov 2024 15:59:36 GMT
cache-control: max-age=900
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 106409
x-amz-cf-pop: FRA56-P11
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sync Show response
live.rezync.com/ 4 KB
4 KB 475ms
157ms Script
text/javascript 65.9.66.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=850988ade85553637bcf41a89802f4cf&k=visit-california-pixel-4387
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-102.fra56.r.cloudfront.net
Software: lighttpd/1.4.69 /
Resource Hash: 0989d3a0df9d721725fe038f63cc494297007a3173147d6583e969ab12cb1b26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 3703
x-amz-cf-id: ndOAr3B18jaXP-CGggVnCHzRJb3ZgsffOXo17_14KsLr7G1wSAZ01A==
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: text/javascript
vary: Cookie
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 337ms
22ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD1569506103F3
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 1759
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 11:42:25 GMT
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 20:13:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 5f39a885-801e-00bc-1d90-4784fb000000
cf-ray: 8eec7def1c74d36e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7211
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 344ms
26ms Script
application/javascript 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608242c41714bcf0ce0c6dc6befbfbd8a4c4fa6c97d88f5deec2f5238ba3e3fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67530621-8a98"
age: 29988
cf-ray: 8eec7def2e599bbc-FRA
expires: Sun, 08 Dec 2024 15:22:37 GMT
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Fri, 06 Dec 2024 14:11:45 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 549 KB
218 KB 301ms
11ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LfsymQpAAAAAJijhzl5RcZC9X4mARhDisyXsaQk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
age: 419012
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 15:18:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 15:18:53 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222835
x-xss-protection: 0
server: sffe

GET
H3 200 geolocation Show response
us-central1-consumer-website-238721.cloudfunctions.net/ 82 B
107 B 267ms
142ms XHR
application/json 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-consumer-website-238721.cloudfunctions.net/geolocation
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: fc7358ecd48784cd1730ed21edfa3f9c5dc6de63112b069cc25acf50ff62bb41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89
function-execution-id: 5v0ody2fud2v
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: Google Frontend
x-cloud-trace-context: 01f51d38d8c1df4a0080615d96188c7e

POST
H3 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 47 KB
5 KB 152ms
149ms XHR
application/json 142.250.186.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f20.1e100.net
Software: gunicorn /
Resource Hash: f8cd8c9efaa5858464f9779d46aba125864d0e04d44576d739c680620b582bfe

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:24 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

POST
H3 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 34 KB
4 KB 215ms
211ms XHR
application/json 142.250.186.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f20.1e100.net
Software: gunicorn /
Resource Hash: f95b16eb1f1c9e656399cbca8f42a79d7671320d743aa9d90245951fc2a54f73

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

POST
H3 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 31 KB
3 KB 175ms
166ms XHR
application/json 142.250.186.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f20.1e100.net
Software: gunicorn /
Resource Hash: 43256574c6a6ab405b5845d5e3001ee27feaade487edeb9161ce351707befb1b

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:24 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

GET
H2 200 VC_50-Fun-Things-Holiday_Solvang_SUPPLIED_1280x640.jpg.webp
drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2024-11/ 31 KB
31 KB 252ms
150ms Image
image/webp 34.54.246.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2024-11/VC_50-Fun-Things-Holiday_Solvang_SUPPLIED_1280x640.jpg.webp?itok=h3plHvHb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.246.109 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.246.54.34.bc.googleusercontent.com
Software: nginx/1.27.3 /
Resource Hash: 4f9f7b9d49f18a59e424e9953a5ae10ebcf1f0ea8888e3fd532091f550ad1164

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

etag: "6733f406-7d72"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32114
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: image/webp
last-modified: Wed, 13 Nov 2024 00:34:14 GMT
server: nginx/1.27.3

GET
H2 200 VC_2024-New-at-California-Ski-Resorts_Big-Bear_SUPPLIED_1280x640.jpg.webp
drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2024-10/ 16 KB
16 KB 241ms
143ms Image
image/webp 34.54.246.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2024-10/VC_2024-New-at-California-Ski-Resorts_Big-Bear_SUPPLIED_1280x640.jpg.webp?itok=5ljvi9qt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.246.109 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.246.54.34.bc.googleusercontent.com
Software: nginx/1.27.3 /
Resource Hash: 6ed43b51a02301f45dd7f0a68fa8ea0352367a06c7203bc8a1f118ebe2319491

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

etag: "6724cde3-3f58"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16216
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: image/webp
last-modified: Fri, 01 Nov 2024 12:47:31 GMT
server: nginx/1.27.3

GET
H2 200 VC_Fall-Deals_Mendocino-Mushroom-Trail_SUPPLIED_1280x640.jpg.webp
drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2024-09/ 26 KB
27 KB 221ms
123ms Image
image/webp 34.54.246.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2024-09/VC_Fall-Deals_Mendocino-Mushroom-Trail_SUPPLIED_1280x640.jpg.webp?itok=kJ_M7_vZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.246.109 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.246.54.34.bc.googleusercontent.com
Software: nginx/1.27.3 /
Resource Hash: 8801a9be02a997c8dd4ede6749438cb15221ca0a7ccf9acc73875b72eff37e63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

etag: "66fd462e-69b2"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27058
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: image/webp
last-modified: Wed, 02 Oct 2024 13:10:06 GMT
server: nginx/1.27.3

GET
H2 200 VC_NYE2022-Dodge_Ridge-SUPPLIED_1280x640.jpg.webp
drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2022-12/ 15 KB
15 KB 230ms
147ms Image
image/webp 34.54.246.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2022-12/VC_NYE2022-Dodge_Ridge-SUPPLIED_1280x640.jpg.webp?itok=4BqJJpao
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.246.109 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.246.54.34.bc.googleusercontent.com
Software: nginx/1.27.3 /
Resource Hash: ad2a21b4a28ec325cbdcd1d332620f7117b66d574f51ebac80e7a37518d5aad6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

etag: "657b7333-3cc0"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: image/webp
last-modified: Thu, 14 Dec 2023 21:27:15 GMT
server: nginx/1.27.3

GET
H2 200 VC_Holiday-Lights_Dana-Point_gty-882162946_RF_1280x640.jpg.webp
drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2020-12/ 19 KB
19 KB 228ms
145ms Image
image/webp 34.54.246.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drupal-prod.visitcalifornia.com/sites/default/files/styles/fixed_300/public/2020-12/VC_Holiday-Lights_Dana-Point_gty-882162946_RF_1280x640.jpg.webp?itok=TcBFt4CQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.54.246.109 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.246.54.34.bc.googleusercontent.com
Software: nginx/1.27.3 /
Resource Hash: 68a5672dd13f52e1dc5380c3045c4a0ac3e7b6b01af00046cc04777115f5d505

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

etag: "656e3957-4d20"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19744
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: image/webp
last-modified: Mon, 04 Dec 2023 20:40:55 GMT
server: nginx/1.27.3

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 316ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:42:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame C45E 0
0 101ms
51ms Document
text/html 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fgcpf4.530028.xyz

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Dec 2024 11:42:24 GMT
expires: Mon, 08 Dec 2025 11:42:24 GMT
last-modified: Tue, 03 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 geolocation Show response
us-central1-consumer-website-238721.cloudfunctions.net/ 82 B
107 B 344ms
129ms XHR
application/json 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-consumer-website-238721.cloudfunctions.net/geolocation
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: fc7358ecd48784cd1730ed21edfa3f9c5dc6de63112b069cc25acf50ff62bb41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89
function-execution-id: 5v0oy2fzm3yw
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: Google Frontend
x-cloud-trace-context: 2f0be9f4eb0a6b79303ce4ef6c34ce46

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9018 0
0 68ms
55ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstLKEy1gFkXV_fUaIE5j2bb8SLViTwocYOu7F0yKKwbyyJeoCQUAC-EzdwAp9dgkfHPDh0gu237G6TZs8-bfrFo9jhLsnnGlME7nSQUcHod1-8DKWguezBZXfd3zrBrAPXLMAb3ClwQbST1KSVY1PsrsT-O7GLO9ONOC9mS2JLxbXf3Im3Z5tEWC_pnAB_rT0bJEb1XPg4T5A6YzpOnrdhsTZZL64kbe9xM9nm8pbjlY6ItGMNmLTmn_AWFUUhT4jSpdQaZhjOUp30j0b_DdRSpqb7LouDvVHO0H34FQA70odVG2L7xnrPHmu_ZRGjYDqsKU6Eh0NjNY6GxAO69901GrYdwn_K-dxbNPvGR_F_j65Y0MdWbQJSXTpvpjCCx3lct1KX8zqZfTDZQoj2wWaqh8Qbdc32EW7X3tqFB0NOz3ClvvP1mpaTtc03eEQ&sig=Cg0ArKJSzD2CALed9T3zEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 08 Dec 2024 11:42:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame 9018 23 KB
9 KB 58ms
48ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: 11581923691383104463
age: 45357
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 23:06:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 07 Dec 2024 23:06:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9052
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame 9018 3 KB
1 KB 65ms
56ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 41263
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 00:14:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 08 Dec 2024 00:14:41 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9018 218 KB
67 KB 31ms
22ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: 15965780714114583650
age: 2706
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:57:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 08 Dec 2024 10:57:18 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69026
x-xss-protection: 0
server: cafe

GET
H2 200 15964784584645041949
tpc.googlesyndication.com/simgad/ Frame 9018 17 KB
18 KB 80ms
27ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15964784584645041949

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de39bddb10708019e78194fe0ad937698be8cac04e0a0c765780b0cb61e1f7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 61272
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 18:41:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 07 Dec 2024 18:41:13 GMT
last-modified: Thu, 07 Nov 2024 19:42:38 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 17901
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame 9018 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24ab393b7c43ca70643a93e6ef959911371b4f77c314413d2dc06eb15f8aff6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F623 0
0 70ms
68ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstRo9vroPpO_yGoMKXpZEvbzuQsBnyFh2hSMuvrYIrJ2heizjt5rLiuXsoSBtU_TdLh7ajC3f5G2Vc-0EizPNPonhvl6vGBUrL074ULuP61nHuJuc552cJCAGgtOE1xaEF7kFuyUxK_yecB9crboxQkewJSKEvjJnnq7R8ChWg5UcbNS8oXDrPJnkyiSO4q15Mx_2Sh2QR8azKQmeHs5Qo3vXuUFLFncvXA5ckRUdBPqyJqvKefdJjZb2d_xTNhWBbXGvZ5aH9BT1pV8FmdrpvVQ_Y17hwvTalTD71I7F6hFvfmhj9V4ZkThZhOOHZI-HXR-Trg1Cn0IGrlGEjf6S-rXN-a49vM3tm-RiFPlPUKcPucpV_x7porDnsAH4wfmbj081UgRl7ND-azs3q16feCQyRh9ir3aQderLml84xISgYUbFpktYUSVzeFqg&sig=Cg0ArKJSzPY33HtEuwsbEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 08 Dec 2024 11:42:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame F623 23 KB
0 33ms
33ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: 11581923691383104463
age: 45357
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 23:06:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 07 Dec 2024 23:06:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9052
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame F623 3 KB
0 40ms
40ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: 6567774568227038691
age: 41263
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 00:14:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 08 Dec 2024 00:14:41 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F623 218 KB
0 9ms
9ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
etag: 15965780714114583650
age: 2706
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:57:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 08 Dec 2024 10:57:18 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69026
x-xss-protection: 0
server: cafe

GET
H2 200 14760736131419343448
tpc.googlesyndication.com/simgad/ Frame F623 16 KB
16 KB 76ms
53ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14760736131419343448

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4f1a4cf8bed8134306bad1c4f0fcd1bc4415ce2ca698d93e84eefc5faa15bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 0
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Mon, 08 Dec 2025 11:42:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Thu, 07 Nov 2024 19:26:09 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 16201
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame F623 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e69db36a202b85bc73d0e7cb77f5219d8de47051d33061518b627ac056cd76d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 modules.a80e23f65c59cd611c5f.js Show response
script.hotjar.com/ 222 KB
55 KB 80ms
14ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a80e23f65c59cd611c5f.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2553354.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

6bb463ac36ef12be8174c2e51d47888cc8f8439f48676a2bf7698e9dd15e9384

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-robots-tag: none
content-encoding: br
etag: "3a9d3e3801de9559c802549d74fad588"
age: 333498
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: iU_uRTEImc2yACl93I85fN-4VHNEtarhcyO2Jgs3lQ0gSqUOiOBGwg==
date: Wed, 04 Dec 2024 15:04:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 04 Dec 2024 15:03:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56221
x-amz-cf-pop: FRA56-C2

OPTIONS
H2 204 stories
g.amp.travel/v2/ Frame 0
0 191ms
131ms Preflight
text/html 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.amp.travel/v2/stories?galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&evid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&clientId=c13428f4-516c-4676-afa5-4ab9d84c8782
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://gcpf4.530028.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-length: 0
content-type: text/html
date: Sun, 08 Dec 2024 11:42:25 GMT
server: Google Frontend
vary: Access-Control-Request-Headers
x-cloud-trace-context: cb8cda6bbf2f926dc3df1f3d750c96c9
x-powered-by: Express

GET
H2 200 story-fonts-roboto.css
static.amp.travel/ 5 KB
5 KB 136ms
8ms Stylesheet
text/css 34.107.174.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.amp.travel/story-fonts-roboto.css
Requested by: Host: g.amp.travel
URL: https://g.amp.travel/v2/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.174.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 205.174.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f1cc7aede7f88eeb4347526216a57e0e02bb9a041517fadd9aa1ef485d4a2675

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=HecH/A==, md5=aPsJGJF/glovaj9U7TaQUA==
etag: "68fb0918917f825a2f6a3f54ed369050"
age: 2957
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:53:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 4985
date: Sun, 08 Dec 2024 10:53:08 GMT
last-modified: Thu, 13 Jul 2023 13:42:05 GMT
content-type: text/css
x-guploader-uploadid: AFiumC4dpNE24sRdh7jDvSk9jyf8XAgLvP9Jl12ib1PM37UExiLYv4KUe6IDT2AwSmRsLrwbxSH8i1kZ7g
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1689255725326538
content-length: 4985
server: UploadServer

GET
H2 200 css
g.amp.travel/v2/ 24 KB
3 KB 151ms
150ms Stylesheet
text/css 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.amp.travel/v2/css
Requested by: Host: g.amp.travel
URL: https://g.amp.travel/v2/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 34c199710f544759a0ad0b80653ccf01fa69b864134bda6f725bff73dc3ac2c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

server: Google Frontend
cache-control: public, max-age=0
content-encoding: gzip
etag: W/"60d7-18d12a04d80"
accept-ranges: bytes
access-control-allow-origin: *
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Tue, 16 Jan 2024 14:15:12 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136517477-7

Requested by

Host: g.amp.travel
URL: https://g.amp.travel/v2/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fece2d2a07d1dc03088839678c81cf9899d92a024cbed4dd8cc858d8aea8e0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 08 Dec 2024 11:42:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 08 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77452
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136517477-7&l=dataLayer&cx=c&gtm=45He4c40v832329070za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTP25B5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfd544cb682fce8d62fb3cd4c817e484dddbf2a0bdc2c03e7a334ec3ce53edd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 08 Dec 2024 11:42:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 08 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77563
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 stories Show response
g.amp.travel/v2/ 8 KB
2 KB 428ms
427ms XHR
application/json 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.amp.travel/v2/stories?galleryId=8dfedfbc-960f-4a6a-bf58-62b5e5e9802b&evid=a1c5ad92-7bc6-4c24-81a6-1beedb001149&clientId=c13428f4-516c-4676-afa5-4ab9d84c8782
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 3369f4be7bfada024b8c5bc006360a792810d7601396fd7735ba93141608b405

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
etag: W/"2130-WnTr70m+Jaez6BQe1f1pE4Tn0KY"
access-control-allow-origin: *
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
server: Google Frontend

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F623 0
0 53ms
52ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 08 Dec 2024 11:42:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F623 0
0 43ms
42ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssljvbDtO47tN0nFmePK1rQwm7wf6z7tDNm8JG3cRyVdOg-1a0WOplY2pJNnBfeR9afaDbYOxmerBYw7IpwKT46L8cfB_FXE1G4HW2EG3thjP8bU-USi8bMvRVrnL0X3Zg5dY-qh0A-BHQLmqIScCwJWzA6x_E_alMDVckSGJQVZD-da3PB3RNaRSRqfG2tLkX3pIff_mSGyyfB4NeULiMOqZYC8waBlDbFNqMbtGu0liLLBoWlvJmcnv26hZGtQa5Fa7QwiUQA8BehBO8F6T_lDzbndBqcgy1cHOjYTD84Dr_FeKexaPz4kC_tTRqbTt1D4fF61Hp3MzyqxPjLr0zpOD7S4B8raSn0G1obsb2ihhmARkisEatHaAlYS8iRdrIHSg1ZhBAo7zvOzb1IT9ume-UKVsebI4xI5fBANki74XsnkUm4zM4PCx1hiSF4&sig=Cg0ArKJSzBocUU1WWK9BEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 08 Dec 2024 11:42:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F623 0
0 41ms
40ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 08 Dec 2024 11:42:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9018 0
0 45ms
43ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 08 Dec 2024 11:42:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9018 0
0 46ms
45ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstHLXI7F0RgbP9jDdhWsz8M3mNDgY1MaH4nhHsnUpEktmLKSLjwnvmHVyQi3ZoPl1bPMn9aXqKWBdXwzDvDcKJyC3dmpORll0XKlhaOUqRSt4Tc6rhS1IKJfH43W62mdq3RJKdkadNvse5z-oSvopuZq0DYpD8qoO45lYQ_Qa8HrDd6KjN76WE5-tfMpkvgD6ZC0IfeZAVPzYtzCurwDhy8c0c8AyC2aWmiWED7SBpka_tdbTa_RL2CtcqSVXjrvyn2bTd3FEclhL96CzPrKBhnGggbT9KQGXL8He4diKJUTf1PWIV-ZPNNX9MFGqAR59KOzRko1b0MCkiNwzcRhValoMWWJSNX4PbYGK4iGLhC5VNOEbLJ7f9Ds4jPHwb1a8E5J4nshcOAnJMAAqIztEDWe2AJju4vJ3_ExaxlAUKELBtS9UizDP0LiG8OtDBg&sig=Cg0ArKJSzIn6uBr-sP_oEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 08 Dec 2024 11:42:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9018 0
0 44ms
44ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sun, 08 Dec 2024 11:42:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
storage.googleapis.com/stories-prod/story-fonts-roboto/ 11 KB
11 KB 41ms
10ms Font
application/octet-stream 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/stories-prod/story-fonts-roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by: Host: static.amp.travel
URL: https://static.amp.travel/story-fonts-roboto.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer: https://static.amp.travel/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=GCvKqw==, md5=H2089tOPJdg9lfWoALjKww==
etag: "1f6d3cf6d38f25d83d95f5a800b8cac3"
age: 2706
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:57:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 11028
date: Sun, 08 Dec 2024 10:57:19 GMT
last-modified: Thu, 13 Jul 2023 13:14:56 GMT
content-type: application/octet-stream
x-guploader-uploadid: AFiumC5sJEfDJDXmLBgCBugyn_0ybllJ7ZnaVVgPH0Gk5bA8XD2yym9606fGuC1lvfNv-6gdUvQ
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1689254096363466
content-length: 11028
server: UploadServer

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 45ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136517477-7&l=dataLayer&cx=c&gtm=45He4c40v832329070za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
age: 3660
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 12:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 10:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 31742eae-8d5d-49c6-ae00-4381f8d8076d.json Show response
cdn.cookielaw.org/consent/31742eae-8d5d-49c6-ae00-4381f8d8076d/ 5 KB
2 KB 153ms
133ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/31742eae-8d5d-49c6-ae00-4381f8d8076d/31742eae-8d5d-49c6-ae00-4381f8d8076d.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8213cfaf3522cab6ebcad10712f8b2b5c93761dcba5fcb96182c2f801cd5b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: tHXiWFCmmedGgNdyWoe5nQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: MISS
etag: 0x8DD1308746B02A3
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 11:42:25 GMT
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json
last-modified: Mon, 02 Dec 2024 19:35:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 211b3502-201e-0054-7866-497900000000
cf-ray: 8eec7df09d5f4d64-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1805
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 5216 0
0 41ms
23ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfsymQpAAAAAJijhzl5RcZC9X4mARhDisyXsaQk&co=aHR0cHM6Ly9nY3BmNC41MzAwMjgueHl6OjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=t0ea2qok50dv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rwEEX_PXPo-CMbjzHNQUGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcpf4.530028.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rwEEX_PXPo-CMbjzHNQUGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Dec 2024 11:42:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 95A2 0
0 30ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcpf4.530028.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Dec 2024 11:27:02 GMT
expires: Sun, 08 Dec 2024 12:17:02 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 geolocation Show response
us-central1-consumer-website-238721.cloudfunctions.net/ 82 B
107 B 137ms
136ms XHR
application/json 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-consumer-website-238721.cloudfunctions.net/geolocation
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: fc7358ecd48784cd1730ed21edfa3f9c5dc6de63112b069cc25acf50ff62bb41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89
function-execution-id: 5v0o0pkhuxlo
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: Google Frontend
x-cloud-trace-context: 9eee9a0a32df1cb66824532056130546

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/visit-california-prod/ 95 KB
30 KB 57ms
14ms Script
application/javascript 18.66.122.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/visit-california-prod/p13n.min.js
Requested by: Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6aaf35b445ebde12955d963661bd2f155a9a01ea26135a2be61dd36fd17541f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

Content-Encoding: gzip
x-amz-version-id: WQDnjLX.RmXNXagCmpxXeva6cuovBwqo
ETag: W/"f03805b3b85c868ec07d21b9e37d3f04"
Age: 2147
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: kwmzHEkHj3JqRmWs5Ci8gPmFrsMxYaRpvOKZOrCSrQ46d6k-OqAmqA==
Date: Sun, 08 Dec 2024 11:15:31 GMT
Content-Type: application/javascript
Vary: accept-encoding
Last-Modified: Sun, 24 Nov 2024 21:11:46 GMT
Transfer-Encoding: chunked
Cache-Control: public, max-age=3600
Connection: keep-alive
Via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 52ms
9ms Script
application/x-javascript 2600:9000:2724:de00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:de00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

cache-control: public, max-age=3600
content-encoding: br
age: 3174
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
expires: Sun, 08 Dec 2024 11:49:31 GMT
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x-amz-cf-id: 2FIrD1xkwG_5xUCmSSDKgk0_dAZK95C5Tgwwbj-LYXQj41HG0tFEDA==
date: Sun, 08 Dec 2024 10:49:31 GMT
content-type: application/x-javascript
last-modified: Sun, 08 Dec 2024 10:49:21 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA56-P12
vary: Accept-Encoding

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
573 B 168ms
157ms XHR
application/json 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12545707&u1=DF4E59E72B6346DE9969D537F665BE70&java=1&security=65d7a6e7&sc_snum=1&sess=7810d0&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//gcpf4.530028.xyz/&t=Visit%20California%20-%20Official%20Travel%20%26%20Tourism%20Website&invisible=1&sc_rum_e_s=4000&sc_rum_e_e=4010&sc_rum_f_s=0&sc_rum_f_e=3688&get_config=true
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8eec7df1684c9bbc-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://gcpf4.530028.xyz
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json
server: cloudflare

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
420 B 17ms
17ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=299014458&t=pageview&_s=1&dl=https%3A%2F%2Fgcpf4.530028.xyz%2F&ul=de-de&de=UTF-8&dt=Visit%20California%20-%20Official%20Travel%20%26%20Tourism%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1281521430&gjid=642827511&cid=1474748383.1733658145&tid=UA-136517477-7&_gid=1524565551.1733658145&_r=1&gtm=457e4c40za200zb832329070&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&jsscut=1&npa=1&z=260610385

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://gcpf4.530028.xyz/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://gcpf4.530028.xyz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 62ms
38ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://gcpf4.530028.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8eec7df19d31198f-FRA
access-control-allow-origin: *
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK ca.html
20830662p.rfihub.com/ Frame 9E78 0
0 150ms
30ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20830662p.rfihub.com/ca.html?ver=9&rb=43692&ca=20830662&_o=43692&_t=20830662&userid=3e79f006-feef-4ce2-87eb-ae1a71f2f2d0%3A1733658145.2124546&pe=https%3A%2F%2Fgcpf4.530028.xyz%2F&pf=&ra=02103203652485841
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Referer: https://gcpf4.530028.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 4809
Content-Type: text/html;charset=utf-8
Date: Sun, 08 Dec 2024 11:42:25 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 155 B
470 B 449ms
116ms XHR
application/json 54.160.94.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiM2U3OWYwMDYtZmVlZi00Y2UyLTg3ZWItYWUxYTcxZjJmMmQwOjE3MzM2NTgxNDUuMjEyNDU0NiJ9fQ%3D%3D&site_id=visit-california-prod
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.94.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-94-255.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fa427ab7b38b43a40d88fe844ff3d869ed5dcaa11f5c4e817467b7f2b2bff75a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

Connection: keep-alive
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 155
Date: Sun, 08 Dec 2024 11:42:25 GMT
Content-Type: application/json
Server: nginx
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202411.1.0/ 462 KB
112 KB 20ms
20ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202411.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5e5da9ad3458d5cbdf9c3262174f7689b8e42a1c7acf3675f7b2feb19afcf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: 8fF3bQBAtsTV4Scm1Tq+rA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD141864E1A335
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 7039
x-content-type-options: nosniff
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 04:01:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 2371e7f4-d01e-0086-3f09-46c758000000
cf-ray: 8eec7df1ed23d36e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 114429
x-ms-blob-type: BlockBlob
server: cloudflare

OPTIONS
H2 204 e
localhood.com/ Frame 0
0 218ms
143ms Preflight
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://localhood.com/e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gcpf4.530028.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-length: 0
content-type: text/html
date: Sun, 08 Dec 2024 11:42:25 GMT
server: Google Frontend
vary: Access-Control-Request-Headers
x-cloud-trace-context: 11b9778fa5c041f323093216ba57d220;o=1
x-powered-by: Express

POST
H2 200 e Show response
localhood.com/ 24 B
178 B 202ms
201ms XHR
application/json 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://localhood.com/e
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: f89450f46611dec9b2d9a82cc858b4f24dfb8fb2d1ca4222d2d392577b7f6643

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://gcpf4.530028.xyz/

Response headers

etag: W/"18-E5bsDx6EM/QoUOPSNyvWiWvBdq0"
access-control-allow-origin: *
content-length: 24
date: Sun, 08 Dec 2024 11:42:26 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: Google Frontend
x-cloud-trace-context: c0d6c08adb359b51f7d762a476a432b9
vary: Accept-Encoding

GET
H2 200 thumbnail.jpg
amptravel.imgix.net/bbf6f2cf-c24f-4627-ad8f-cf4e28fcb81f/amp/ 14 KB
15 KB 82ms
9ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amptravel.imgix.net/bbf6f2cf-c24f-4627-ad8f-cf4e28fcb81f/amp/thumbnail.jpg?fm=jpg&q=60&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&w=231&h=411&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1f1058fe157860396654054f0c291f5265bc5d67e452edd66d70ccb9145cc12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 572777
x-content-type-options: nosniff
x-cache: HIT
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Sun, 01 Dec 2024 20:36:08 GMT
x-served-by: cache-fra-etou8220124-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14617
server: imgix
x-imgix-id: 7b2fd352b94669d70ff1f7de5f6331623d796a63

GET
H3 200 logo.png
storage.googleapis.com/stories-prod/publisher/los-osos-and-baywood/ 124 KB
124 KB 63ms
29ms Image
image/png 172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/stories-prod/publisher/los-osos-and-baywood/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: ccbb83b2d4213d9e9e633a0841c3ecc3b7736c794e79f6715141ba363c48f0e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=SflXkQ==, md5=ZZRFhBGahV7v0wRIq1TpZQ==
etag: "65944584119a855eefd30448ab54e965"
age: 3271
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:47:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 127440
date: Sun, 08 Dec 2024 10:47:54 GMT
last-modified: Wed, 02 Jun 2021 15:02:20 GMT
content-type: image/png
x-guploader-uploadid: AFiumC5z3St8-LaeUl8BXRGPB51qBvxO-Yhs69FV-p-_scZWfHmBmXeWx_eelOPkVhONCri8eVkgdzXZoA
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1622646140218679
content-length: 127440
server: UploadServer

GET
H2 200 thumbnail.jpg
amptravel.imgix.net/caa8304e-10e0-4866-900d-db90cda0a278/amp/ 12 KB
12 KB 86ms
14ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amptravel.imgix.net/caa8304e-10e0-4866-900d-db90cda0a278/amp/thumbnail.jpg?fm=jpg&q=60&fit=crop&crop=focalpoint&fp-x=0.40625&fp-y=0.6493506493506493&w=231&h=411&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ed9f570bc819eda2c3d05e8f74689d73607f6f66827c150ca31b09cbc0f60f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 403092
x-content-type-options: nosniff
x-cache: HIT
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Tue, 03 Dec 2024 19:44:13 GMT
x-served-by: cache-fra-etou8220124-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12286
server: imgix
x-imgix-id: e08b01394b0634e4b789a70056da9cb74ec2045d

GET
H3 200 logo-1701736376882792768.png
storage.googleapis.com/stories-prod/publisher/fresno-clovis-convention-and-visitors-bureau/ 77 KB
77 KB 75ms
41ms Image
image/png 172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/stories-prod/publisher/fresno-clovis-convention-and-visitors-bureau/logo-1701736376882792768.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: 53b2f86e4e452994e9530792d09fec87860bdcfd69b81d43a2020e90c1819cca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=2PxoeA==, md5=V+WmaAfNFC7agzuZmMBvrA==
etag: "57e5a66807cd142eda833b9998c06fac"
age: 3284
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:47:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 78679
date: Sun, 08 Dec 2024 10:47:41 GMT
last-modified: Tue, 05 Dec 2023 00:32:56 GMT
content-type: image/png
x-guploader-uploadid: AFiumC5fnDV70UhCIUjho1tewJ08S9JLnULX1MOCXD1rh5rtCh6wBeUiWMsO8SSLA4pYEQDcO9kXn8qbaA
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1701736376952667
content-length: 78679
server: UploadServer

GET
H2 200 thumbnail.jpg
amptravel.imgix.net/99c6dbad-364a-451a-b284-0297fe64e7ba/amp/ 17 KB
17 KB 97ms
26ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amptravel.imgix.net/99c6dbad-364a-451a-b284-0297fe64e7ba/amp/thumbnail.jpg?fm=jpg&q=60&fit=crop&crop=focalpoint&fp-x=0.341421143847487&fp-y=0.5376623376623376&w=231&h=411&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6c7495abb5ecbb37bbe898336c89c6a5fce7af0c216b0a5cd016e96a1b284c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 118761
x-content-type-options: nosniff
x-cache: HIT
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Sat, 07 Dec 2024 02:43:04 GMT
x-served-by: cache-fra-etou8220124-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17008
server: imgix
x-imgix-id: 7d1980ff13a292db21e10faeada0bc84847460e7

GET
H3 200 logo.png
storage.googleapis.com/stories-prod/publisher/discover-siskiyou/ 16 KB
16 KB 79ms
45ms Image
image/png 172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/stories-prod/publisher/discover-siskiyou/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: 9a3c4cc2c01070bdccd0b1fb06fd8d89cd22f2e200318f8475ea9b79c527a481

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=Q9TQzQ==, md5=nzSHACANNgG5GKkrQqiwPw==
etag: "9f348700200d3601b918a92b42a8b03f"
age: 3271
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:47:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 15948
date: Sun, 08 Dec 2024 10:47:54 GMT
last-modified: Tue, 23 Feb 2021 15:26:34 GMT
content-type: image/png
x-guploader-uploadid: AFiumC5dyrvYIEDaxsLOpKdRO1V0jSYrxw1QXpzoGjagJADgK-x3zyi5MYtfj3VSscRNPbhiJWJ-SdtDhw
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1614093994485031
content-length: 15948
server: UploadServer

GET
H2 200 thumbnail.png
amptravel.imgix.net/723b9a72-592a-4aa1-a558-b4b09d3cb538/amp/ 25 KB
25 KB 89ms
19ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amptravel.imgix.net/723b9a72-592a-4aa1-a558-b4b09d3cb538/amp/thumbnail.png?fm=jpg&q=60&fit=crop&crop=focalpoint&fp-x=null&fp-y=null&w=231&h=411&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a29741f24f0d11e8f64bf426dd7d7b05199d79755a708b01b837fca277ee429d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 500107
x-content-type-options: nosniff
x-cache: HIT
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Mon, 02 Dec 2024 16:47:18 GMT
x-served-by: cache-fra-etou8220124-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25537
server: imgix
x-imgix-id: 113a70ebf108c3d2137d578525b2bfaad9de18c2

GET
H3 200 logo-1706313171888329141.png
storage.googleapis.com/stories-prod/publisher/visit-california/ 50 KB
50 KB 76ms
44ms Image
image/png 172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/stories-prod/publisher/visit-california/logo-1706313171888329141.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: 6b292c62d4629cad8cda2dc9c64bd5e1a765d256482228ba75818585df38ddcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=L4bezA==, md5=UiqhEE0iDVKhFibX7XAq3g==
etag: "522aa1104d220d52a11626d7ed702ade"
age: 3284
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:47:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 50876
date: Sun, 08 Dec 2024 10:47:41 GMT
last-modified: Fri, 26 Jan 2024 23:52:52 GMT
content-type: image/png
x-guploader-uploadid: AFiumC7Gde8RYiaOm8093724hMO-nY_1c2wD8WcohRCfBzTle5Ylyn3W4zgAZNlAmx0oMcXUqrTaTLE26Q
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1706313171990048
content-length: 50876
server: UploadServer

GET
H2 200 thumbnail.jpg
amptravel.imgix.net/7b355f91-9240-4eb6-a821-714392ee95f3/amp/ 18 KB
18 KB 109ms
39ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amptravel.imgix.net/7b355f91-9240-4eb6-a821-714392ee95f3/amp/thumbnail.jpg?fm=jpg&q=60&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&w=231&h=411&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

236666f9ffa460a7d203b5a56db8e294506beee0fc73e27fd306bddabcf6933d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 2003266
x-content-type-options: nosniff
x-cache: HIT
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Fri, 15 Nov 2024 07:14:40 GMT
x-served-by: cache-fra-etou8220124-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18648
server: imgix
x-imgix-id: 8c191ef5cf0dbd6aab5398f432bc52b53d975631

GET
H3 200 logo.png
storage.googleapis.com/stories-prod/publisher/explore-elk-grove/ 37 KB
37 KB 59ms
28ms Image
image/png 172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/stories-prod/publisher/explore-elk-grove/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: 583d6b197b6151b98393ab8add069ed5dd25c46a28c0c75c2591adabd46851c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=sH+IsQ==, md5=wd4bnU+wPOIJRn0tDF6PfQ==
etag: "c1de1b9d4fb03ce209467d2d0c5e8f7d"
age: 3280
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:47:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 37390
date: Sun, 08 Dec 2024 10:47:45 GMT
last-modified: Wed, 31 Aug 2022 17:32:16 GMT
content-type: image/png
x-guploader-uploadid: AFiumC7tApHIGVPIZrIxFsoukAvaLklTiz93jnLAa-rd3gIow2h71Rg5gwejiHvtbRPJOGJFwCl5KAsrFA
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1661967136245791
content-length: 37390
server: UploadServer

GET
H2 200 thumbnail.jpg
amptravel.imgix.net/e1dbc535-7b64-4f62-bcbb-429efeed97a3/amp/ 17 KB
17 KB 103ms
34ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amptravel.imgix.net/e1dbc535-7b64-4f62-bcbb-429efeed97a3/amp/thumbnail.jpg?fm=jpg&q=60&fit=crop&crop=focalpoint&fp-x=0.3951473136915078&fp-y=0.7168831168831169&w=231&h=411&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2f682191605bf4cbb279f0df37158bd27082ce6dead0419e265f5a09c44a7afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 356938
x-content-type-options: nosniff
x-cache: HIT
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Wed, 04 Dec 2024 08:33:27 GMT
x-served-by: cache-fra-etou8220124-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17285
server: imgix
x-imgix-id: f58858383a39ba0a6c5a0f3039bdc922303edb2f

GET
H3 200 logo.png
storage.googleapis.com/stories-prod/publisher/visit-camarillo-vca/ 12 KB
12 KB 82ms
51ms Image
image/png 172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/stories-prod/publisher/visit-camarillo-vca/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: 00a87bbd6578b2f21949851c203ed4c2b0dffcdbea87567b84ed05873b1f0259

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=npM0kA==, md5=PanL9tdbGoqGcIWt6U3ThQ==
etag: "3da9cbf6d75b1a8a867085ade94dd385"
age: 3284
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:47:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 11916
date: Sun, 08 Dec 2024 10:47:41 GMT
last-modified: Wed, 02 Mar 2022 20:10:44 GMT
content-type: image/png
x-guploader-uploadid: AFiumC5bnXM29ae5-xrSliCbCGEDL8_c3aQkJ8cT-HeiHAAibe--htfOiDfgJ9U0wdfqmv7tCr4GaOq5uQ
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1646251844407783
content-length: 11916
server: UploadServer

GET
H2 200 thumbnail.jpg
amptravel.imgix.net/4a0ec23a-3e5a-41dd-aef9-95d511443aff/amp/ 33 KB
33 KB 24ms
24ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amptravel.imgix.net/4a0ec23a-3e5a-41dd-aef9-95d511443aff/amp/thumbnail.jpg?fm=jpg&q=60&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&w=231&h=411&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d528157fc2276b7fc74b62b63d4f972d07a4cbcf1226c15c54b080c93e09d52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 125908
x-content-type-options: nosniff
x-cache: HIT
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Sat, 07 Dec 2024 00:43:57 GMT
x-served-by: cache-fra-etou8220124-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33962
server: imgix
x-imgix-id: 0abbf52c17b6ae270bd938c14fbf261cc79fb5bd

GET
H3 200 logo.png
storage.googleapis.com/stories-prod/publisher/el-dorado-county-visitors-authority/ 32 KB
32 KB 62ms
32ms Image
image/png 172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/stories-prod/publisher/el-dorado-county-visitors-authority/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: 3c7181b8ad378d2ac516a15109fc3803b7f5b150ddbe57ff5f62728adc9aa061

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=WPv1kg==, md5=FYQG4Zvrx5cTxSEoATIxsA==
etag: "158406e19bebc79713c52128013231b0"
age: 3280
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:47:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32269
date: Sun, 08 Dec 2024 10:47:45 GMT
last-modified: Mon, 01 Nov 2021 18:25:31 GMT
content-type: image/png
x-guploader-uploadid: AFiumC5PvIHo8gVxExl_-81ubQe58YehaI1nxMV3WK0xVCDENOu8_0reZRENjwTvl9lh_0uvkFvynWvFmg
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1635791131047934
content-length: 32269
server: UploadServer

GET
H2 200 thumbnail.jpg
amptravel.imgix.net/f06976e5-7b21-4726-9ab4-4d6a211362ed/amp/ 17 KB
17 KB 32ms
31ms Image
image/avif 2a04:4e42:400::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amptravel.imgix.net/f06976e5-7b21-4726-9ab4-4d6a211362ed/amp/thumbnail.jpg?fm=jpg&q=60&fit=crop&crop=focalpoint&fp-x=0.5&fp-y=0.5&w=231&h=411&auto=format

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cc721ad36281bd508bd04f41ecc8f9c9a3c7f2acb5c64eb7c9516a44a5679a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 1033867
x-content-type-options: nosniff
x-cache: HIT
date: Sun, 08 Dec 2024 11:42:25 GMT
last-modified: Tue, 26 Nov 2024 12:31:18 GMT
x-served-by: cache-fra-etou8220124-FRA
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17330
server: imgix
x-imgix-id: da517e4dd7494a8d1d7945b9fab2cdd1b9105bec

GET
H3 200 logo.png
storage.googleapis.com/stories-prod/publisher/claremont-vca/ 27 KB
27 KB 80ms
50ms Image
image/png 172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/stories-prod/publisher/claremont-vca/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: 2fc0a6d8f284390ca9224e8b010cdce6e544f12fe3a20e984ee7d66022d728cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=Hd6Kzw==, md5=M/XqHsR1pH+6nRTP4ivkqw==
etag: "33f5ea1ec475a47fba9d14cfe22be4ab"
age: 3284
x-goog-stored-content-encoding: identity
expires: Sun, 08 Dec 2024 11:47:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 28101
date: Sun, 08 Dec 2024 10:47:41 GMT
last-modified: Tue, 14 Jun 2022 01:57:46 GMT
content-type: image/png
x-guploader-uploadid: AFiumC7TsayP-MMHhUFOk7QyRuG1K3fwQjAb720E4T8toP_ao1Vv7AaKgBcIMfr-GjixzJr1yPeO42MEaw
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1655171866661495
content-length: 28101
server: UploadServer

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 28ms
28ms Image
image/gif 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=299014458&t=event&_s=2&dl=https%3A%2F%2Fgcpf4.530028.xyz%2F&ul=de-de&de=UTF-8&dt=Visit%20California%20-%20Official%20Travel%20%26%20Tourism%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Gallery&ea=gallery-loaded&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1474748383.1733658145&tid=UA-136517477-7&_gid=1524565551.1733658145&gtm=457e4c40za200zb832329070&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&jsscut=1&npa=1&z=473804386

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

age: 65855
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 17:24:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/31742eae-8d5d-49c6-ae00-4381f8d8076d/019073e4-50b4-706e-bb18-35ec37b51e6e/ 145 KB
26 KB 196ms
196ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/31742eae-8d5d-49c6-ae00-4381f8d8076d/019073e4-50b4-706e-bb18-35ec37b51e6e/en.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38c7a1bdb5514702793f65a21ae59db8ec104aff506ff19cdebc9a49fa0f4df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: qv2NVAk1/sHBB+xEGwDsjw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: MISS
etag: 0x8DD1308765176B6
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
x-content-type-options: nosniff
expires: Mon, 09 Dec 2024 11:42:25 GMT
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json
last-modified: Mon, 02 Dec 2024 19:35:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 9ae54578-101e-005c-6c66-496273000000
cf-ray: 8eec7df26f324d64-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26679
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202411.1.0/assets/ 9 KB
3 KB 103ms
102ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202411.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: axHCM7K/XWJYJsdaKqr9wQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD141861A7CAE1
x-ms-lease-status: unlocked
cf-cache-status: MISS
x-content-type-options: nosniff
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json
last-modified: Wed, 04 Dec 2024 04:01:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: c3c4cfad-901e-008a-4e66-4929a9000000
cf-ray: 8eec7df3c8974d64-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2597
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202411.1.0/assets/ 5 KB
2 KB 65ms
64ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202411.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9d725ef2cdee742ed04a259f51752c31bbdcdcff0fedc38ac0f97b2d9146567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: VL7/bzB1LmOFgC4HofE5Ow==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD141862407938
x-ms-lease-status: unlocked
cf-cache-status: MISS
x-content-type-options: nosniff
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: application/json
last-modified: Wed, 04 Dec 2024 04:01:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 3a0817f3-a01e-0089-1d66-492aae000000
cf-ray: 8eec7df3c89a4d64-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1740
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202411.1.0/assets/ 24 KB
4 KB 71ms
71ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202411.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: A9jekd5UoO8SyzJ6LiStug==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Dec 2024 11:42:25 GMT
content-type: text/css
last-modified: Wed, 04 Dec 2024 04:02:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: f2e4ff27-601e-0094-6e66-49f344000000
cf-ray: 8eec7df3c89c4d64-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/ 510 B
787 B 91ms
21ms Script
application/javascript 2606:4700::6811:9f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/lightbox.js?mb=1733658145988
Requested by: Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9f71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad769912174d24241a801d7d3ce501c20bdf02b793a896170863e1eea29d19b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 422
cf-ray: 8eec7df4ed99d396-FRA
access-control-allow-origin: *
date: Sun, 08 Dec 2024 11:42:26 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Sun, 08 Dec 2024 11:33:18 GMT

POST
H2 200 track Show response
events.api.boomtrain.com/event/ 2 B
209 B 307ms
107ms XHR
text/plain 18.214.86.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.86.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-86-103.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://gcpf4.530028.xyz/

Response headers

access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
content-length: 2
date: Sun, 08 Dec 2024 11:42:26 GMT
content-type: text/plain
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/ 55 KB
9 KB 29ms
29ms Script
application/javascript 2606:4700::6811:9f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/user.js?cb=638651879933402310
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/lightbox.js?mb=1733658145988
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9f71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efe8e69b4183690165f02ddbf9a3b01fa7cfe80a473d0f70e2a2e69ad205ff0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: rsJDhLMf0ucoDPpROYV1wA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 433589
content-encoding: br
expires: Mon, 08 Dec 2025 11:42:26 GMT
date: Sun, 08 Dec 2024 11:42:26 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 14:56:56 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: b194178e-501e-0038-3a69-245969000000
cf-ray: 8eec7df51e67d396-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 main.js Show response
www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/ 504 KB
125 KB 29ms
28ms Script
application/javascript 2606:4700::6811:9f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/main.js?cb=42BB9AE97101D9C98275AFFD1EB28CE4
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/user.js?cb=638651879933402310
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9f71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e49b7bd93a0759fcfcdf05e6c6a786e3611b8a8cde28c3cb032987c04d1aa12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: Qrua6XEB2cmCda/9HrKM5A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 447677
content-encoding: br
expires: Mon, 08 Dec 2025 11:42:26 GMT
cf-polished: origSize=516606
date: Sun, 08 Dec 2024 11:42:26 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 14:56:56 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-ms-request-id: 68bc39d2-701e-000d-4301-24f73c000000
cf-ray: 8eec7df54f05d396-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 6 KB
2 KB 19ms
18ms Stylesheet
text/css 2606:4700::6811:9f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=20240725
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/main.js?cb=42BB9AE97101D9C98275AFFD1EB28CE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9f71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb01e8dc3b08f6ba67da7fe99808c445bda0a326f9341936079b516d4ec86a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: q4B4xYJoZwx9ikt94o1nCA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-CbModifiedTime,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 119476
content-encoding: br
expires: Wed, 08 Jan 2025 11:42:26 GMT
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
date: Sun, 08 Dec 2024 11:42:26 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
vary: Accept-Encoding
cache-control: public, max-age=2678400
x-ms-request-id: bd4b87d0-101e-003f-08e1-3fafec000000
cf-ray: 8eec7df5a82ed396-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 z Show response
api.lightboxcdn.com/z9gd/42250/gcpf4.530028.xyz/jsonp/ 684 B
1 KB 805ms
125ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lightboxcdn.com/z9gd/42250/gcpf4.530028.xyz/jsonp/z?cb=1733658146188&dre=l&callback=jQuery112407716986647710196_1733658146178&_=1733658146179
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ecf02caa-d5f0-4d51-833f-c6ccee9a588e/main.js?cb=42BB9AE97101D9C98275AFFD1EB28CE4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 05f09ec20c6a510ddd458479eee142c0c5334d366980e2e507a3189e5868b0af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-encoding: gzip
date: Sun, 08 Dec 2024 11:42:26 GMT
content-type: application/javascript
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
259 B 20ms
20ms Image
image/gif 2606:4700::6811:9f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1733658146183&h=gcpf4.530028.xyz&e=p&u=42250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9f71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: KNaBTzCeoon4R8ac+RGUxg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-CbModifiedTime,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
etag: 0x8DAD3F8864E2F29
x-ms-version: 2009-09-19
cf-cache-status: HIT
age: 726729
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
date: Sun, 08 Dec 2024 11:42:26 GMT
content-type: image/gif
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
vary: Accept-Encoding
x-ms-request-id: 0761c30c-701e-0042-5558-423324000000
cf-ray: 8eec7df5b844d396-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK engagement Show response
people.api.boomtrain.com/v1/scores/ 26 B
340 B 120ms
119ms XHR
application/json 54.160.94.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/v1/scores/engagement?data=eyJzaXRlX2lkIjoidmlzaXQtY2FsaWZvcm5pYS1wcm9kIiwiYnNpbiI6InQ5V3o5WTRPdXpNaFhNZ1ZuWmdsTFMyOWMzK2J5S1dTSWFrUVcwL0Y2OVJnZWkyRWl4bVpicXY2eHdGVFFFUy9GWVZ0a3ZnZFpvYVNWOGtnT0Y2RzFnPT0ifQ%3D%3D&site_id=visit-california-prod
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.94.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-94-255.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7983dda92999fb9a5fdd1f722d6ae0c87b6b422258cf75cf718d217a798669b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

Connection: keep-alive
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 26
Date: Sun, 08 Dec 2024 11:42:27 GMT
Content-Type: application/json
Server: nginx
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
130 B 22ms
22ms Image
image/gif 2606:4700::6811:9f71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1733658147004&h=gcpf4.530028.xyz&e=p&u=42250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9f71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

content-md5: KNaBTzCeoon4R8ac+RGUxg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-CbModifiedTime,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
etag: 0x8DAD3F8864E2F29
x-ms-version: 2009-09-19
cf-cache-status: HIT
age: 726730
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
date: Sun, 08 Dec 2024 11:42:27 GMT
content-type: image/gif
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
vary: Accept-Encoding
x-ms-request-id: 0761c30c-701e-0042-5558-423324000000
cf-ray: 8eec7dfadf53d396-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK segments Show response
api.zetaglobal.net/people/t9Wz9Y4OuzMhXMgVnZglLS29c3%2BbyKWSIakQW0%2FF69Rgei2EixmZbqv6xwFTQES%2FFYVtkvgdZoaSV8kgOF6G1g%3D%3D/ 2 B
932 B 460ms
143ms XHR
application/json 3.224.14.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zetaglobal.net/people/t9Wz9Y4OuzMhXMgVnZglLS29c3%2BbyKWSIakQW0%2FF69Rgei2EixmZbqv6xwFTQES%2FFYVtkvgdZoaSV8kgOF6G1g%3D%3D/segments?segment_ids%5B%5D=216372&site_id=visit-california-prod

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.14.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-14-217.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

X-Request-Id: fb962e3d-4cf4-43c9-8a0f-e1d9747aa922
Content-Encoding: gzip
ETag: W/"6c31f3a49e99db1c1662973404943846"
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Date: Sun, 08 Dec 2024 11:42:27 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
X-Runtime: 0.049090
Access-Control-Allow-Headers: origin, x-requested-with, content-type, accept, authorization, x-prototype-version
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000;
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Request-Methods: GET
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Server: nginx

GET
H2 200 page-data.json
gcpf4.530028.xyz/page-data/road-trips/ 0
21 KB 180ms
180ms Other
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/road-trips/page-data.json

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/app-0b9ebd39eed651a9fdc9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer: https://gcpf4.530028.xyz/

Response headers

strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cc5-17eaf"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:27 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:25 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

GET
H2 200 page-data.json
gcpf4.530028.xyz/page-data/experience/fall-2022-deals-california/ 0
18 KB 259ms
259ms Other
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/experience/fall-2022-deals-california/page-data.json

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/app-0b9ebd39eed651a9fdc9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer: https://gcpf4.530028.xyz/

Response headers

strict-transport-security: max-age=31536000
x-sucuri-cache: REVALIDATED
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cc3-1030d"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:27 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:23 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

GET
H2 200 page-data.json
gcpf4.530028.xyz/page-data/experience/where-see-holiday-lights-california/ 0
12 KB 179ms
179ms Other
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/experience/where-see-holiday-lights-california/page-data.json

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/app-0b9ebd39eed651a9fdc9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer: https://gcpf4.530028.xyz/

Response headers

strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cc3-9779"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:27 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:23 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

GET
H2 200 page-data.json
gcpf4.530028.xyz/page-data/places-to-visit/ 0
19 KB 179ms
179ms Other
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/places-to-visit/page-data.json

Requested by

Host: gcpf4.530028.xyz
URL: https://gcpf4.530028.xyz/app-0b9ebd39eed651a9fdc9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gcpf4.530028.xyz
Referer: https://gcpf4.530028.xyz/

Response headers

strict-transport-security: max-age=31536000
x-sucuri-cache: HIT
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cbf-1c900"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:27 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:19 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

GET
H2 200 page-data.json Show response
gcpf4.530028.xyz/page-data/road-trips/ 96 KB
0 0ms
0ms XHR
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/road-trips/page-data.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

f655865c8416172e8dabc3aff036c29ab6e10f4eac30be4cdef920589b5ed178

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cc5-17eaf"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:27 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:25 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

GET
H2 200 page-data.json Show response
gcpf4.530028.xyz/page-data/experience/where-see-holiday-lights-california/ 38 KB
0 1ms
1ms XHR
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/experience/where-see-holiday-lights-california/page-data.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

16976d43a6cb2cef1a7d758e0b05741ddf6345a2ff1f5df8e6cd45f8de93860b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cc3-9779"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:27 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:23 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

GET
H2 200 page-data.json Show response
gcpf4.530028.xyz/page-data/places-to-visit/ 114 KB
0 0ms
0ms XHR
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/places-to-visit/page-data.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

f498ccfa6d4466a0ecbd15b531224cd0c9b0cbbed06481aa60afdebe8f375edf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: HIT
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cbf-1c900"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:27 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:19 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

GET
H2 200 page-data.json Show response
gcpf4.530028.xyz/page-data/experience/fall-2022-deals-california/ 65 KB
0 0ms
0ms XHR
application/json 35.212.177.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gcpf4.530028.xyz/page-data/experience/fall-2022-deals-california/page-data.json

Requested by

Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.212.177.236 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

236.177.212.35.bc.googleusercontent.com

Software

Caddy, nginx /

Resource Hash

925d6f0d87d9512b9391f76a1dd53dac2028b4804f4293c47df67c5567f3c372

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gcpf4.530028.xyz/

Response headers

x-sucuri-cache: REVALIDATED
x-sucuri-id: 11005
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
etag: W/"67544cc3-1030d"
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:27 GMT
x-xss-protection: 1; mode=block
content-type: application/json
last-modified: Sat, 07 Dec 2024 13:25:23 GMT
server: Caddy, nginx
x-frame-options: SAMEORIGIN

POST
H3 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 35 KB
4 KB 132ms
128ms XHR
application/json 142.250.186.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f20.1e100.net
Software: gunicorn /
Resource Hash: e4cb9db9c633fbce4bdb19714e51f88c022b29c29eadfe26cea2861b34641573

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:29 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

POST
H3 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 41 KB
4 KB 135ms
128ms XHR
application/json 142.250.186.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f20.1e100.net
Software: gunicorn /
Resource Hash: 4cee0ef6c7e8df2337e98b6b2b1094800970b5ff4e3c73c6521b8def54b1a169

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:29 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

POST
H3 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 39 KB
4 KB 147ms
138ms XHR
application/json 142.250.186.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f20.1e100.net
Software: gunicorn /
Resource Hash: cacf68a8f1f30651c577395686cf6a9d688b0645066953303a857899a6c5e62f

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:29 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

POST
H3 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 39 KB
3 KB 142ms
131ms XHR
application/json 142.250.186.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f20.1e100.net
Software: gunicorn /
Resource Hash: 9116c1b4f7da913eb76959ec0df7ea87bd7a1e0d207b9057094dc79abdd753a1

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:29 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

POST
H3 200 / Show response
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/ 34 KB
3 KB 521ms
511ms XHR
application/json 142.250.186.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vcal-translation-dot-vca-translate-393817.uc.r.appspot.com/
Requested by: Host: cdn.requestmetrics.com
URL: https://cdn.requestmetrics.com/agent/current/rm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f20.1e100.net
Software: gunicorn /
Resource Hash: 77895e4e8fbb824b06e284706bcfb181df54dfabf69fa08b46695e0731c7fa1e

Request headers

Referer: https://gcpf4.530028.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
via: 1.1 google
access-control-allow-origin: https://gcpf4.530028.xyz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 08 Dec 2024 11:42:29 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: gunicorn

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412030101&jk=3350260733021097&bg=!l5SllNvNAAaIaF9IqGg7ADQBe5WfOGo3o_L0wqFDivHeV2YCygQGxwtHwanenO2T0WnoMoYZPLEjYtVlli3fZXnAd4vNAgAAAFlSAAAAA2gBB34ANvQwPMnmar4q7Pfmp-uiRao5lwML9f5Y-WWeYADwjKU_slXLPorso03ObUn0HlWNU6Gt8US2fJkCnLPdQpTWaCKyevOlmLIFw57r9odHj-NqonCJRKpwWWvi7TpZBru2fRkBPE3oAX9llBLYiVj3oivdvy8zKH9BOKy7UF1-rD9yBgXd-JHDUFJt9ZDgJTkmTrDKMtuQwpHdIlIowPYcFOg8wAjSoBOD4GZw37vLU2bMm5VhhsxMPKoe9RReTKL9sNzY8ClSEfz9UuAweGTl8zvGYzhTVArD62p7WHphp9DhmyoV5gSnNwAxZte9YhBlPyH7xYq1kHyFCG4lM3PDR_dvtn0WDZrqAKr837HsfoXmandsJZpKHHSdN2SP3yi-ZClCoeqjxs1yL3uJY28Ign1IwMAigtTVU9Gtw5V2Qyb3-KWRVAppHShwoJbuWDwjt_h5hVLFefPT7o84IE-P3gMBGygXedAcKw9AA15gC2VSWEqY0d2549m_93KxbfffADVrtfVsJR7bqN6wVRczfxa5vF-HAHM-S6niKr-twAQC7BNE3COakorugKcFRkjSbJLzPMLQOQBq_PcBcTRJWLHOwMQ54Z0_ykBR00x_sO_DrE_PBpDqPnDei4Y2yYu3E6gw-KtAmuGxgfyIyK7jd-om_ptgkiSD492XA1WyBCxmPpZbcu2TwZwq14ebl1eZXfSOdHPqTA7MyFbrxg2dvHjx6SXYmfE1mBqPZRWxNs2EjXZDpCR3392v4VlbhTEIfyS-FBwMTyBvBkIP834NNPnnE66NGFdnIjMmZwpvZusPUItgeGR8AJiOtnDdVv63K_shuTkjqqFrw805VlNSQy_Bwtmw-RgkkjErXEFRwnSQU4KJL7cWD3Wk-whRCNyMVREbyBDrb0fGzubPclQpt2sEFXwnaRARXidlJdU7BgUlgORWIxI8Kk--ju-5iBaxEo7UO8sQ

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gcpf4.530028.xyz/	1970-01-21 11:10:18	Name: __opix_uid Value: 1-iopx4uv9-m4fjap4l
io.narrative.io/	1970-01-21 11:10:18	Name: io.narrative.guid.v2 Value: c4bd3b28-cf05-4f3a-9adf-c2a5ef8ea53a
gcpf4.530028.xyz/	1969-12-31 23:59:59	Name: target_language Value: de
.530028.xyz/	1970-01-21 03:43:54	Name: _gcl_au Value: 1.1.497017315.1733658145
.rezync.com/	1970-01-21 05:53:30	Name: zync-uuid Value: 3e79f006-feef-4ce2-87eb-ae1a71f2f2d0:1733658145.2124546
.530028.xyz/	1970-01-21 10:19:54	Name: _hjSessionUser_2553354 Value: eyJpZCI6IjYyN2RiNDcwLTc2ZTAtNWQ4ZS04NjVkLTliNWYxN2ZmOTU0YiIsImNyZWF0ZWQiOjE3MzM2NTgxNDUzMTMsImV4aXN0aW5nIjpmYWxzZX0=
.530028.xyz/	1970-01-21 01:34:19	Name: _hjSession_2553354 Value: eyJpZCI6ImJlMGU4NzYzLTNjZTgtNDAzMi1iZGVjLWE2MmFjZTlmMjhlYSIsImMiOjE3MzM2NTgxNDUzMTMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.gcpf4.530028.xyz/	1970-01-21 11:10:18	Name: sc_is_visitor_unique Value: rx12545707.1733658145.DF4E59E72B6346DE9969D537F665BE70.1.1.1.1.1.1.1.1.1
.530028.xyz/	1970-01-21 11:10:18	Name: _ga Value: GA1.2.1474748383.1733658145
.530028.xyz/	1970-01-21 01:35:44	Name: _gid Value: GA1.2.1524565551.1733658145
.530028.xyz/	1970-01-21 01:34:18	Name: _gat_gtag_UA_136517477_7 Value: 1
.530028.xyz/	1970-01-21 01:34:21	Name: _bts Value: a4d09fd6-9905-4d52-c848-55dd7fc150bf
.statcounter.com/	1970-01-21 11:10:18	Name: is_unique Value: sc12545707.1733658145.0
.statcounter.com/	1970-01-21 11:10:18	Name: is_visitor_unique Value: 1733658145367686908
.rfihub.com/	1970-01-21 10:55:54	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3NjQ1NTUzMTMzNxPiM9Q1zQ12Kk0JDy7NzTUFAG2yR88lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3NjQ1NTUzMTMzNxPiM9Q1zQ12Kk0JDy7NzTUFAG2yR88lAAAA
.adnxs.com/	1970-01-21 11:10:18	Name: receive-cookie-deprecation Value: 1
.demdex.net/	1970-01-21 05:53:30	Name: demdex Value: 25303708813204053243843039647981030496
.casalemedia.com/	1970-01-21 10:19:54	Name: CMID Value: Z1WGIbmqPJMAAE6PBjk1hQAA
.casalemedia.com/	1970-01-21 03:43:54	Name: CMPS Value: 1216
.casalemedia.com/	1970-01-21 03:43:54	Name: CMPRO Value: 1216
.eyeota.net/	1970-01-21 01:34:18	Name: SERVERID Value: 21597~DM
.dpm.demdex.net/	1970-01-21 05:53:30	Name: dpm Value: 25303708813204053243843039647981030496
.media.net/	1970-01-21 10:19:54	Name: visitor-id Value: 3766597458173247000V10
.media.net/	1970-01-21 10:18:27	Name: data-rk Value: 5142336731555646676~~3
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXByRWAIAwFwIvtxJc9aDegP4VQOTP7KkM9zZzUQJN_UBqFRRMyS1pbf36lzDKGeNwq6uF5AIttKT06AAAA
.rfihub.com/	1970-01-21 10:55:54	Name: eud Value: H4sIAAAAAAAA_13OLRICMQwF4IEBxaCqOESZNv1JltsskBwIWbkSWckROAJy5R4BhWQT-c2bvJe2OUZMqRaKuVQq3fhl_DZejL_G01b7adxtvtP-rE0B-t78d9B-OEyMg4RQvTCLzzcGT8hXP3IcMQoI3MPlf3SGCLnk2tyqaQCajGenl9pJ-weQzxjVSgEAAA
.530028.xyz/	1970-01-21 10:19:54	Name: _bti Value: %7B%22app_id%22%3A%22visit-california-prod%22%2C%22bsin%22%3A%22t9Wz9Y4OuzMhXMgVnZglLS29c3%2BbyKWSIakQW0%2FF69Rgei2EixmZbqv6xwFTQES%2FFYVtkvgdZoaSV8kgOF6G1g%3D%3D%22%2C%22is_identified%22%3Afalse%7D
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: PAe4nFzHMDJlBj1dvqMvNmbJFIAUZvosf3YdY6y_Y1E-1733658146073-0.0.1.1-604800000
live.rezync.com/	1970-01-21 05:53:30	Name: sd-session-id Value: .eJwNzNEKgzAMQNF_ybMdTZo0rj8jnaZQNt2w-jLZv6-PFy7ngulj-5o32w5Ix37aAPOr9mqQLmj1u9oTEggyhRA1oIhEjlEj_AZo1lp9b1Nd-hNM78X76IpZcTwbuVHt4bJhVixUaPEJtTMyIsuNkFi4O3_PSyZd.Z1WGIg.QpH6azY43BWBYvFP93iB179hue8
.api.lightboxcdn.com/	1970-01-21 01:34:21	Name: TiPMix Value: 61.88304286226184
.api.lightboxcdn.com/	1970-01-21 01:34:21	Name: x-ms-routing-name Value: self
.530028.xyz/	1970-01-21 11:10:18	Name: xdibx Value: N4Ig-mBGAeDGCuAnRIBcoAOGAuBnNAjAOwDMJAbAKwAcBALEQAyMEA0IGAbrAHbZoAmdrnypiZKrQbM2HTrl79UQkIiQAbNCBDt1GrQHodIdXkKkKNekxYBfdhBgZEAU05pQAEwCGAT1EA2uKWUjYCALr24FDQbi58osBRjnAAlp5akJ7kAgTUkAQAtJQCsESFdHTUsIWQLjmF2Yyl1C4AZtTkkOSFwZL05HkkILZAA_

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 10) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://idsync.rlcdn.com/712236.gif?partner_uid=1-iopx4uv9-m4fjap4l Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20830662p.rfihub.com
amptravel.imgix.net
api.lightboxcdn.com
api.zetaglobal.net
c.statcounter.com
c1.rfihub.net
c5bc48686bc615a53e825055a4b5f751.safeframe.googlesyndication.com
cdn.boomtrain.com
cdn.cookielaw.org
cdn.requestmetrics.com
drupal-prod.visitcalifornia.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
events.api.boomtrain.com
g.amp.travel
gcpf4.530028.xyz
geolocation.onetrust.com
idsync.rlcdn.com
insight.adsrvr.org
io.narrative.io
js.adsrvr.org
live.rezync.com
localhood.com
pagead2.googlesyndication.com
people.api.boomtrain.com
pxl.datafyhq.com
script.hotjar.com
securepubads.g.doubleclick.net
static.amp.travel
static.hotjar.com
storage.googleapis.com
t.contentsquare.net
tpc.googlesyndication.com
us-central1-consumer-website-238721.cloudfunctions.net
vcal-translation-dot-vca-translate-393817.uc.r.appspot.com
via.placeholder.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.instagram.com
www.lightboxcdn.com
www.statcounter.com
ep1.adtrafficquality.google
104.20.94.138
108.138.15.119
13.32.27.54
142.250.185.100
142.250.185.130
142.250.186.84
157.240.0.174
172.217.18.123
172.217.23.98
172.66.43.201
18.214.86.103
18.244.18.53
18.66.102.11
18.66.122.52
193.0.160.130
20.40.202.0
2001:4860:4802:36::15
2001:4860:4802:36::36
216.239.32.178
216.239.36.54
216.58.212.162
2400:52e0:1e00::1080:1
2600:9000:2724:de00:1:76cf:fe80:93a1
2606:4700:4400::ac40:9b77
2606:4700::6811:9f71
2606:4700::6812:572a
2a00:1450:4001:802::201b
2a00:1450:4001:803::2008
2a00:1450:4001:806::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:828::2013
2a00:1450:4001:828::2014
2a00:1450:4001:830::200e
2a04:4e42:400::720
3.224.14.217
34.107.174.205
34.54.246.109
35.212.177.236
35.244.174.68
35.71.131.137
52.5.91.204
54.160.94.255
65.9.66.102
69.164.205.112
00a87bbd6578b2f21949851c203ed4c2b0dffcdbea87567b84ed05873b1f0259
02f964ec469bc98fb6990ac27211c6df1035e0ce2a0bf67575bdedcd6312cb71
03d7ae30c5155748cbfc90be3387fa73527d1bd7ac87959de0140b762b181647
05f09ec20c6a510ddd458479eee142c0c5334d366980e2e507a3189e5868b0af
0989d3a0df9d721725fe038f63cc494297007a3173147d6583e969ab12cb1b26
0bdc14b4be4e94f9632852f2a3dd7de94ffe204eac05a91c1064bf028f4457c9
0c50cc1320d63b1dbd4b7df95479d9f5b0afd32e0088ac428f3ae5fa9f046284
0c5e5da9ad3458d5cbdf9c3262174f7689b8e42a1c7acf3675f7b2feb19afcf7
0cc1ae5180a5da898086e2d0998b32022bfff4729867fc40307200ce8f93a86e
0f81f7ae4b468cd577eb83e4a2e07129c8f8a264c48f989ecda6b2c683e82424
16976d43a6cb2cef1a7d758e0b05741ddf6345a2ff1f5df8e6cd45f8de93860b
1e49b7bd93a0759fcfcdf05e6c6a786e3611b8a8cde28c3cb032987c04d1aa12
1f1058fe157860396654054f0c291f5265bc5d67e452edd66d70ccb9145cc12f
1fb073629a358cd9155c35c68f414dc8e111e2ffff55c33089e642cac8b1204c
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
236666f9ffa460a7d203b5a56db8e294506beee0fc73e27fd306bddabcf6933d
24ab393b7c43ca70643a93e6ef959911371b4f77c314413d2dc06eb15f8aff6f
250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d
28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331
2f682191605bf4cbb279f0df37158bd27082ce6dead0419e265f5a09c44a7afc
2fc0a6d8f284390ca9224e8b010cdce6e544f12fe3a20e984ee7d66022d728cf
31e629ca95cab906ede98b24a427693d834d94c54533317c667f897b78e27f34
3369f4be7bfada024b8c5bc006360a792810d7601396fd7735ba93141608b405
34c199710f544759a0ad0b80653ccf01fa69b864134bda6f725bff73dc3ac2c6
35c074f93b228f96cc96180fccae25f9781cb941eb66d3067f244f147519dc84
38c7a1bdb5514702793f65a21ae59db8ec104aff506ff19cdebc9a49fa0f4df0
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3c7181b8ad378d2ac516a15109fc3803b7f5b150ddbe57ff5f62728adc9aa061
3cd821e898113fd988b2fd844052c13d3b51050a95e45f150f69876018e7281f
43256574c6a6ab405b5845d5e3001ee27feaade487edeb9161ce351707befb1b
4cee0ef6c7e8df2337e98b6b2b1094800970b5ff4e3c73c6521b8def54b1a169
4e69db36a202b85bc73d0e7cb77f5219d8de47051d33061518b627ac056cd76d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f9f7b9d49f18a59e424e9953a5ae10ebcf1f0ea8888e3fd532091f550ad1164
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
53b2f86e4e452994e9530792d09fec87860bdcfd69b81d43a2020e90c1819cca
5431c27eefe7946e2711e7497567de2742ae74b2bfc68df6c34ba2b31d2d5d87
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57e8a0b6b924486efb610cd3ec104ee7c3ff3db96c8a467238e14730dd7c5d2a
583d6b197b6151b98393ab8add069ed5dd25c46a28c0c75c2591adabd46851c4
6078c49b2f8a9196f2a2ad9f8294bdc68cfbdd76d23dca87060800c4ce9bbbc9
608242c41714bcf0ce0c6dc6befbfbd8a4c4fa6c97d88f5deec2f5238ba3e3fc
632065ebf74f55585df1f941d9e896e730f4f360f2de0b51c557121058dfeffe
64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f
68a5672dd13f52e1dc5380c3045c4a0ac3e7b6b01af00046cc04777115f5d505
6a23e2f8c8b6610312f1db7d0d40c665452f20379c58e48dc8839da146dfbb6d
6aaf35b445ebde12955d963661bd2f155a9a01ea26135a2be61dd36fd17541f5
6b292c62d4629cad8cda2dc9c64bd5e1a765d256482228ba75818585df38ddcf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9b9a045cfc82e71045ed0cb9d8d6e2cf13687c89611418e7c6f61dad665c33
6bb463ac36ef12be8174c2e51d47888cc8f8439f48676a2bf7698e9dd15e9384
6bcb47d0a18bbf00d4b8c88051c3cccd02ca08231feac182c027ee7fd733f763
6c7495abb5ecbb37bbe898336c89c6a5fce7af0c216b0a5cd016e96a1b284c8f
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
6ed43b51a02301f45dd7f0a68fa8ea0352367a06c7203bc8a1f118ebe2319491
74714a1dd5b6cdf068f0b158bb7899455249673a487e7ba6e0edc573bd4aa56f
77895e4e8fbb824b06e284706bcfb181df54dfabf69fa08b46695e0731c7fa1e
77f30cce021415728d4b997cc09fda90ee64f806159bc71ee5132201bf90cc38
78513e8df8f8c6c44df966086f515c9a852a2bad48bb50fb67a454d586240d5a
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7983dda92999fb9a5fdd1f722d6ae0c87b6b422258cf75cf718d217a798669b6
7c4f1a4cf8bed8134306bad1c4f0fcd1bc4415ce2ca698d93e84eefc5faa15bc
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
805255ead0cb114efc7f63986afc9f5e07f8dc6cc7092cfb8def2ada799af135
82c7a23d9d1373043ab2ef23f103d02af4542a1abbec078c5e8bfbf00cbed181
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84eda368a03f6acd41d4480e6471281e3421a19bbe08098c038ea41f214b66ba
8801a9be02a997c8dd4ede6749438cb15221ca0a7ccf9acc73875b72eff37e63
891749bde8a448b1176097ee85dd6ad16f2248f592fcb7ecb411dc149adc79df
8c045074b90fad4e2d59ad444ab1bda7f1583a590f4f8e4a8ee2e2fa102875da
9116c1b4f7da913eb76959ec0df7ea87bd7a1e0d207b9057094dc79abdd753a1
925d6f0d87d9512b9391f76a1dd53dac2028b4804f4293c47df67c5567f3c372
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
97b9c5a3ad219e2be2b99a81642efa864e282bf0a4bc7c137023620bd71b1060
9898cc923a79b191286afb3562d20d5ec3201492a5432e0625a8d4f4795281c0
9a3c4cc2c01070bdccd0b1fb06fd8d89cd22f2e200318f8475ea9b79c527a481
a29741f24f0d11e8f64bf426dd7d7b05199d79755a708b01b837fca277ee429d
a746fb08e1d4e8a13187442d9cd67d8ed4e18eb3b744fcec8789b5ac3a25750b
ad2a21b4a28ec325cbdcd1d332620f7117b66d574f51ebac80e7a37518d5aad6
ad769912174d24241a801d7d3ce501c20bdf02b793a896170863e1eea29d19b4
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
af9282d84eb61458a1640347148cd928f04010410950a4c1c60a23dacdaf895c
afeba33ae67b070fa6f3d824033de12271616fee3c530dba7c148e3ef1679e01
b522c863062c22bf6dc5af81031a9c397df7d53dc3366055c75a197194def0af
c3146c4b106cf855c4786a5ef182b537b47ddf6d3347be9499898f7a9b2a1805
c9d725ef2cdee742ed04a259f51752c31bbdcdcff0fedc38ac0f97b2d9146567
cacf68a8f1f30651c577395686cf6a9d688b0645066953303a857899a6c5e62f
cc721ad36281bd508bd04f41ecc8f9c9a3c7f2acb5c64eb7c9516a44a5679a8f
ccbb83b2d4213d9e9e633a0841c3ecc3b7736c794e79f6715141ba363c48f0e0
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf9a8aed2d3b15477ded6eb22cb8bc258ac9502841eb822372c712e7386a20b8
d2191676019b763556ec2f32bf3923dfa438955907120e1847f5380b9977f6c8
d2ebc07d9b48735de88287cbdcdab6f02070dddd7b237e8813a5098b6cf61845
d528157fc2276b7fc74b62b63d4f972d07a4cbcf1226c15c54b080c93e09d52a
d7918d06eb97a16e3bbdff8153388fb4f85db194c9f3f5af891bcea3fc99cb05
d7f1ca01128e1acda540c8a0d3e57e480dc12f188f0572e1e61c8f7441af8bcd
d8213cfaf3522cab6ebcad10712f8b2b5c93761dcba5fcb96182c2f801cd5b4a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de39bddb10708019e78194fe0ad937698be8cac04e0a0c765780b0cb61e1f7c8
dfd544cb682fce8d62fb3cd4c817e484dddbf2a0bdc2c03e7a334ec3ce53edd3
e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a
e306a55f53d75556cc48fe3bdbfb88920c77b7b36da6bd376b550cd9154ce27b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cb9db9c633fbce4bdb19714e51f88c022b29c29eadfe26cea2861b34641573
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ed9f570bc819eda2c3d05e8f74689d73607f6f66827c150ca31b09cbc0f60f56
ee326c0043473ac22a3e9392cf006476f6fe98ece7efcd747b90385023f947ac
efe8e69b4183690165f02ddbf9a3b01fa7cfe80a473d0f70e2a2e69ad205ff0a
f1cc7aede7f88eeb4347526216a57e0e02bb9a041517fadd9aa1ef485d4a2675
f498ccfa6d4466a0ecbd15b531224cd0c9b0cbbed06481aa60afdebe8f375edf
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f655865c8416172e8dabc3aff036c29ab6e10f4eac30be4cdef920589b5ed178
f89450f46611dec9b2d9a82cc858b4f24dfb8fb2d1ca4222d2d392577b7f6643
f8cd8c9efaa5858464f9779d46aba125864d0e04d44576d739c680620b582bfe
f95b16eb1f1c9e656399cbca8f42a79d7671320d743aa9d90245951fc2a54f73
fa427ab7b38b43a40d88fe844ff3d869ed5dcaa11f5c4e817467b7f2b2bff75a
fb1f54cd1c05570b21edb93fc316211d36b38b83ad11ae93d526ac560e1ed0d9
fc7358ecd48784cd1730ed21edfa3f9c5dc6de63112b069cc25acf50ff62bb41
fca2991a9d937fb463cfff4f400700e357bad14b19dfbe854e7e2d1eca461438
feb01e8dc3b08f6ba67da7fe99808c445bda0a326f9341936079b516d4ec86a3
fece2d2a07d1dc03088839678c81cf9899d92a024cbed4dd8cc858d8aea8e0f9
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
fff27f96b033956984a23a3ba11b734a8d1ef304923157c10e700502a2d031de

gcpf4.530028.xyz Open in urlscan Pro 35.212.177.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

154 Requests

99 %HTTPS

37 %IPv6

33 Domains

43 Subdomains

47 IPs

3 Countries

5193 kBTransfer

11292 kBSize

33 Cookies

19 Outgoing links

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gcpf4.530028.xyz Open in urlscan Pro
35.212.177.236 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

99 %
HTTPS

37 %
IPv6

33
Domains

43
Subdomains

47
IPs

3
Countries

5193 kB
Transfer

11292 kB
Size

33
Cookies

154 HTTP transactions
8 data transactions