ghostcitytours.com Open in urlscan Pro
2606:4700:3108::ac42:2b82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ghostcitytours.com/
Effective URL:
https://ghostcitytours.com/
Submission: On June 01 via api (June 1st 2024, 7:02:08 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 20 domains to perform 73 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b82, located in United States and belongs to CLOUDFLARENET, US. The main domain is ghostcitytours.com.
TLS certificate: Issued by E1 on May 15th 2024. Valid for: 3 months.

This is the only time ghostcitytours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:310... 2606:4700:3108::ac42:2b82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
8	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e00::1079:1	200325 (BUNNYCDN) (BUNNYCDN)
15	172.66.43.130 172.66.43.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3768	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
5	199.232.193.208 199.232.193.208	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.173.154.111 18.173.154.111	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:310... 2606:4700:3108::ac42:2af8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:209... 2600:9000:2090:1a00:b:cd06:4440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:310... 2606:4700:3108::ac42:2851	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.48.122.176 52.48.122.176	16509 (AMAZON-02) (AMAZON-02)
2	2a01:111:f100... 2a01:111:f100:3001::a83e:88b	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	44.215.206.200 44.215.206.200	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
73	28

6 2606:4700:3108::ac42:2b82 (United States)

ASN13335 (CLOUDFLARENET, US)

ghostcitytours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.trstplse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1079:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.66.43.130 (United States)

ASN13335 (CLOUDFLARENET, US)

ghostcitytours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3768 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.193.208 (United States)

ASN54113 (FASTLY, US)

js.peek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-111.muc50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2af8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:1a00:b:cd06:4440:93a1 (United States)

ASN16509 (AMAZON-02, US)

scripts.clixtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3108::ac42:2851 (United States)

ASN13335 (CLOUDFLARENET, US)

api.trstplse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.122.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-122-176.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:111:f100:3001::a83e:88b (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tracker.clixtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.215.206.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-206-200.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

ghostcitytours.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ghostcitytours.com ghostcitytours.com	280 KB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2248 ekr.zdassets.com — Cisco Umbrella Rank: 2556	223 KB
5	peek.com js.peek.com — Cisco Umbrella Rank: 97833	71 KB
4	trstplse.com a.trstplse.com — Cisco Umbrella Rank: 102459 api.trstplse.com — Cisco Umbrella Rank: 96560	38 KB
3	zendesk.com ghostcitytours.zendesk.com	978 B
3	clixtell.com scripts.clixtell.com — Cisco Umbrella Rank: 317340 tracker.clixtell.com — Cisco Umbrella Rank: 213098	33 KB
3	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5911 api.omappapi.com — Cisco Umbrella Rank: 5964	22 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5219	285 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	26 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7810	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	397 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095 www.google.com — Cisco Umbrella Rank: 2	318 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1984 heapanalytics.com — Cisco Umbrella Rank: 1452	38 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	183 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6508 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5812	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
73	20

	Domain	Requested by
21	ghostcitytours.com	ghostcitytours.com static.cloudflareinsights.com www.googletagmanager.com
8	static.zdassets.com	ghostcitytours.com static.zdassets.com
5	js.peek.com	ghostcitytours.com js.peek.com
3	ghostcitytours.zendesk.com	static.zdassets.com
3	api.trstplse.com	a.trstplse.com
3	pro.fontawesome.com	ghostcitytours.com pro.fontawesome.com
2	cdnjs.cloudflare.com	a.trstplse.com
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tracker.clixtell.com	scripts.clixtell.com
2	connect.facebook.net	ghostcitytours.com connect.facebook.net
2	www.googletagmanager.com	ghostcitytours.com www.googletagmanager.com
2	a.omappapi.com	ghostcitytours.com a.omappapi.com
1	www.google.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.googleapis.com	js.peek.com
1	heapanalytics.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	scripts.clixtell.com	ghostcitytours.com
1	ekr.zdassets.com	static.zdassets.com
1	api.omappapi.com	a.omappapi.com
1	cdn.heapanalytics.com	ghostcitytours.com
1	rum-static.pingdom.net	ghostcitytours.com
1	a.trstplse.com	ghostcitytours.com
1	static.cloudflareinsights.com	ghostcitytours.com
73	27

This site contains links to these domains. Also see Links.

Domain
ghostcity.shop

Subject Issuer	Validity	Valid
ghostcitytours.com E1	`2024-05-15` - `2024-08-13`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
a.trstplse.com R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
zdassets.com E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
a.omappapi.com R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2023-10-14` - `2024-10-13`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
js.peek.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-03` - `2025-05-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-11` - `2024-06-09`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
omappapi.com GTS CA 1P5	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.clixtell.com Amazon RSA 2048 M02	`2023-07-13` - `2024-08-09`	a year	crt.sh
trstplse.com GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2023-11-06` - `2024-12-03`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
ghostcitytours.zendesk.com E1	`2024-05-12` - `2024-08-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ghostcitytours.com/
Frame ID: 0E14CB639D2EB1AF18C9156847A00410
Requests: 61 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Frame ID: 730DCFE2BD065D7FB4E7AD903402BFB5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ghost City Tours | Ghost Tours in America's most haunted cities

Page URL History Show full URLs

http://ghostcitytours.com/ HTTP 307
https://ghostcitytours.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Peek (Widgets) Expand

Overall confidence: 100%
Detected patterns

js\.peek\.\w+

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

100 %
HTTPS

61 %
IPv6

20
Domains

27
Subdomains

28
IPs

5
Countries

1305 kB
Transfer

3441 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ghostcity.shop/
Title: Merchandise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ghostcitytours.com/ HTTP 307
https://ghostcitytours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ghostcitytours.com/
Redirect Chain

http://ghostcitytours.com/
https://ghostcitytours.com/

82 KB
15 KB

409ms
283ms

Document
text/html

2606:4700:3108::ac42:2b82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0205465a26d777130da924239140838d3bcdead47e334b41bcef44414c690d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88d174a1380e9769-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 01 Jun 2024 19:02:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff

Redirect headers

Location: https://ghostcitytours.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.min.css
ghostcitytours.com/assets/vendor/bootstrap/css/ 152 KB
24 KB 186ms
185ms Stylesheet
text/css 2606:4700:3108::ac42:2b82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/vendor/bootstrap/css/bootstrap.min.css

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

797981573b91eb46508d7c3d64fcd66ac7025abd264dc3e1c550dad2b503c070

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2020 10:43:47 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 88d174a30b339769-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
ghostcitytours.com/assets/css/ 56 KB
11 KB 509ms
508ms Stylesheet
text/css 2606:4700:3108::ac42:2b82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/css/main.css

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43856f335888d701d4b4eaa1694f261c13e60ef90a652fa2d57cd7d73feb00d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 28 Sep 2020 10:43:42 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=79658
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 88d174a30b369769-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 magnific-popup.css
ghostcitytours.com/assets/vendor/magnific-popup/ 6 KB
2 KB 260ms
259ms Stylesheet
text/css 2606:4700:3108::ac42:2b82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/vendor/magnific-popup/magnific-popup.css

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

595dafc00b877ac3ae42da6da13f2932eab236adf6e03b336e098cd2f89d7aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 28 Sep 2020 10:43:52 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=5948
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 88d174a30b3a9769-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.8.1/css/ 78 KB
16 KB 170ms
75ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: ghostcitytours.com
URL: https://ghostcitytours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c034c7c6fb0dd5bb7e8a626c040508a2cdf18308246f0a4e8dff1a729a61791

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Origin: https://ghostcitytours.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:01 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 607A4C2W5Y378WNZ
age: 6923850
x-amz-id-2: B19ss7FW4vgg1ExR7DmZBKK+ftzRucyLO67exXnHmdsndKioN7Tpt6wxw5dNMBb7lVnEB46g/PQ=
last-modified: Mon, 28 Jun 2021 17:38:26 GMT
server: cloudflare
etag: W/"ec709ded21f873fe093dd71a0803b8b5"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 88d174a39ef1a031-FRA

GET
H2 200 ghost-tours-logo-small.png
ghostcitytours.com/cdn-cgi/image/quality=60,f=auto,w=112,h=72/images/global/ 3 KB
3 KB 113ms
113ms Image
image/avif 2606:4700:3108::ac42:2b82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ghostcitytours.com/cdn-cgi/image/quality=60,f=auto,w=112,h=72/images/global/ghost-tours-logo-small.png

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21136ec612d987e8c249406a51be95d0942798f5a7d101d41cf7a4cb558046cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 3179
cf-resized: internal=ram/m q=0 n=0+0 c=0+0 v=2024.5.3 l=3179
last-modified: Mon, 28 Sep 2020 10:55:52 GMT
cf-bgj: imgq:60,h2pri
server: cloudflare
etag: "cfJlOcpU12nGLTfxoIHJdE7Wxq7SYwK5PSU2W9jugODQ"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88d174a31b689769-FRA

GET
H2 200 rocket-loader.min.js Show response
ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 42ms
42ms Script
application/javascript 2606:4700:3108::ac42:2b82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 24 May 2024 15:04:33 GMT
server: cloudflare
content-encoding: gzip
etag: W/"6650ac81-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 88d174a32b769769-FRA
expires: Mon, 03 Jun 2024 19:02:01 GMT

GET
H2 200 vef91dfe02fce4ee0ad053f6de4f175db1715022073587 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 217ms
123ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by: Host: ghostcitytours.com
URL: https://ghostcitytours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Origin: https://ghostcitytours.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:01 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.5.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 88d174a3bd1b9ba0-FRA

GET
H2 200 api.min.js Show response
a.trstplse.com/app/js/ 102 KB
33 KB 166ms
39ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.trstplse.com/app/js/api.min.js
Requested by: Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 87d9278738d57ef95f7bbf385f44a2e8f28eb59dbd28edd42df9348290eb7ef4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-661
cdn-cachedat: 05/01/2024 08:02:32
cdn-pullzone: 293676
last-modified: Wed, 28 Feb 2024 17:08:37 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 767
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65df6895-19866"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: cca1b4bdab7b2060f48a6da0190b3a22
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 203ms
77ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=1d4b22bf-b8ec-45c8-8974-d7d64f2f8d32

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: MGZ4J3S1DQPBHWWS
age: 14
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: M2TFm/gt+3wyAIjQFcBcEVHQgCspoStVwTDFBaCsugiN8J+LFkKrB0Svb4vhYg5PnM/olORi4YlHse3vyMmL3w==
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=togRk2tYELZnQmuz069QB6hP%2FaWLIst7Mp1zuQyNd6ZyILfyGMNNMFCWRCx4U5ptGxwLGEbNI2azoALuhlqbvQK55ZA9IIqJAdDF0AW0yertR7BAzdwuhqocCSE68FegznR0fGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 88d174a70bda3488-WAW
access-control-allow-headers: *

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 51 KB
18 KB 145ms
44ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 99142e3048ff980fa6ac618f8f99305efdf4bd1afa17aa842ae535a59716936d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-680
cdn-cachedat: 06/01/2024 18:10:33
cdn-pullzone: 293267
last-modified: Mon, 15 Apr 2024 18:01:26 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"661d6b76-cc60"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a396118748942f0fcebfc5e3afefd369
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 scripts.js Show response
ghostcitytours.com/assets/js/ 902 B
656 B 290ms
289ms Script
application/javascript 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/js/scripts.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bffaf791dffc5ae28fbfdc8d78e3e4bcdb28b00e9e1ac9bb835802f68ff19a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2020 10:43:43 GMT
cf-bgj: minify
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88d174a64d1abfc1-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 wow.min.js Show response
ghostcitytours.com/assets/vendor/ 8 KB
3 KB 291ms
290ms Script
application/javascript 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/vendor/wow.min.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7852a22b72ead62cfc4a1b1ca32874b3e222f232a991a6d1432313572f534135

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2020 10:43:54 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88d174a64d1ebfc1-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.isotope.js Show response
ghostcitytours.com/assets/vendor/ 39 KB
11 KB 292ms
291ms Script
application/javascript 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/vendor/jquery.isotope.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c25af827e8c7d7e85e273d1f8d5594d81491d7e2625868ba482f93d5ca638e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2020 10:43:55 GMT
cf-bgj: minify
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88d174a64d23bfc1-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.magnific-popup.min.js Show response
ghostcitytours.com/assets/vendor/magnific-popup/ 21 KB
8 KB 293ms
292ms Script
application/javascript 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/vendor/magnific-popup/jquery.magnific-popup.min.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2020 10:43:52 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88d174a64d2bbfc1-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 vl-menu.js Show response
ghostcitytours.com/assets/vendor/vl-nav/js/ 3 KB
1 KB 230ms
230ms Script
application/javascript 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/vendor/vl-nav/js/vl-menu.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0f3403fa622417861c0395b891ed9aca5d67368b61693c223291124085827e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 28 Sep 2020 10:43:52 GMT
server: cloudflare
content-encoding: br
cf-polished: origSize=4987
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88d174a64d2fbfc1-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
ghostcitytours.com/assets/vendor/bootstrap/js/ 57 KB
16 KB 293ms
293ms Script
application/javascript 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/vendor/bootstrap/js/bootstrap.min.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2020 10:43:48 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88d174a64d30bfc1-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 popper.min.js Show response
ghostcitytours.com/assets/vendor/ 20 KB
8 KB 295ms
295ms Script
application/javascript 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/vendor/popper.min.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2020 10:43:55 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88d174a64d34bfc1-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
ghostcitytours.com/assets/vendor/jquery/ 87 KB
31 KB 341ms
340ms Script
application/javascript 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/assets/vendor/jquery/jquery.min.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2020 10:43:53 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 88d174a64d38bfc1-WAW
alt-svc: h3=":443"; ma=86400

GET
H2 200 pa-63446f82405b1d0011001449.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 286ms
184ms Script
application/javascript 2606:4700:10::6816:3768
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-63446f82405b1d0011001449.js
Requested by: Host: ghostcitytours.com
URL: https://ghostcitytours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa1a0c939e49fa47fa0b8262790a8f5feaf87d0f88bd83d839ded2e81b60660

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 88d174a6dc7765b8-FRA
expires: Sat, 01 Jun 2024 19:07:02 GMT

GET
H3 200 ghost-city-tours.webp
ghostcitytours.com/cdn-cgi/image/quality=60,f=auto,w=2540,h=1215/images/home/ 112 KB
113 KB 173ms
173ms Image
image/avif 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ghostcitytours.com/cdn-cgi/image/quality=60,f=auto,w=2540,h=1215/images/home/ghost-city-tours.webp

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e5d8aa856ca2d1535daf2b3e34ba01724528182db5697b56aa01556e2c0ea8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 115194
cf-resized: internal=ok/h q=0 n=21+98 c=0+0 v=2024.5.2 l=115194
last-modified: Mon, 19 Feb 2024 20:15:38 GMT
cf-bgj: imgq:60,h2pri
server: cloudflare
etag: "cfRo31e3-MhRVYaBlbz5_flClpejC9XZfGHEbEsB25DQ"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88d174a64d3bbfc1-WAW

GET
H3 200 bones-bg.jpg
ghostcitytours.com/images/global/ 17 KB
17 KB 390ms
390ms Image
image/webp 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ghostcitytours.com/images/global/bones-bg.jpg

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b652bd97d09d255ec3993988ee850a82b99531c4d8bf574e9c4c1a883d285b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=17565
content-disposition: inline; filename="bones-bg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 17082
cf-bgj: imgq:85,h2pri
last-modified: Mon, 14 Mar 2022 19:51:52 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88d174a64d3dbfc1-WAW

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.8.1/webfonts/ 115 KB
115 KB 81ms
80ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5538a328926c9517ffb8670fccce94f6137d58c21ff4b10ecd772abfa16a012b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pro.fontawesome.com/releases/v5.8.1/css/all.css
Origin: https://ghostcitytours.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
cf-cache-status: HIT
x-amz-request-id: WMDESWQTTRW93R6T
age: 5813945
content-length: 117536
x-amz-id-2: CgmLrH8mzUY8eLdgxTLMaTR2zDePltJ6eBdHfzOe2VmclDzxa9ptdFmm/lhkdUDBVKQyq/EXHSs=
last-modified: Mon, 28 Jun 2021 17:39:32 GMT
server: cloudflare
etag: "e57324a466c24a207fd9ad0f5f5e3c9c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88d174a65b6ca031-FRA

GET
H2 200 fa-light-300.woff2
pro.fontawesome.com/releases/v5.8.1/webfonts/ 153 KB
154 KB 125ms
125ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.8.1/webfonts/fa-light-300.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 558c1708821688922a35f8105bc9b840a73ae02165d0016746c71741ab48128d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pro.fontawesome.com/releases/v5.8.1/css/all.css
Origin: https://ghostcitytours.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
cf-cache-status: HIT
x-amz-request-id: T3VCAKKQXG4VMN7E
age: 6913538
content-length: 157064
x-amz-id-2: WtIPSboLdh6PVtAkk3+I5bjGZKqkWObq9HWChiWfpwEmNPjztjas3hBUTcsAvBbhwICG6h/MNXI=
last-modified: Mon, 28 Jun 2021 17:39:31 GMT
server: cloudflare
etag: "20bbccf14518922fa95a440f4c217d9e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 88d174a65b71a031-FRA

GET
H3 200 ghost-city-tours-savannah.webp
ghostcitytours.com/cdn-cgi/image/quality=60,f=auto,w=462,h=327/images/savannah/ 10 KB
11 KB 375ms
374ms Image
image/avif 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ghostcitytours.com/cdn-cgi/image/quality=60,f=auto,w=462,h=327/images/savannah/ghost-city-tours-savannah.webp

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c7fa5dc1b24542d414c546fef637e9d7024ea834f5ee2a30fe4525b12e2ab85

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc: h3=":443"; ma=86400
content-length: 10603
cf-resized: internal=ok/h q=0 n=15+81 c=0+0 v=2024.4.0 l=10603
last-modified: Mon, 19 Feb 2024 19:24:46 GMT
cf-bgj: imgq:60,h2pri
server: cloudflare
etag: "cf7qSzRnGM7st93hsqFeibHRKv-XxdYrkffMOb-8PdDQ"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88d174a66d5fbfc1-WAW

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
82 KB 157ms
71ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2PZFHV

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac6784bd00f859ca55b8182c416152b2b5591b39f9e1ade6f12821eb1d56865f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83875
x-xss-protection: 0
last-modified: Sat, 01 Jun 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Jun 2024 19:02:02 GMT

GET
H2 200 widget_button.js Show response
js.peek.com/ 49 KB
12 KB 155ms
41ms Script
application/javascript 199.232.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/widget_button.js?ts=5-1

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

721af38c62c4b2db1b1187e4ce7cbc31dff1eaa7a4d9a9906781d50f9e458985

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Sat, 01 Jun 2024 19:02:02 GMT
age: 2022
x-powered-by: Express
x-cache: HIT
content-length: 11406
x-served-by: cache-fra-etou8220058-FRA
last-modified: Wed, 08 May 2024 02:36:31 GMT
server: nginx
x-timer: S1717268522.468002,VS0,VE1
etag: W/"c236-18f560f4083"
vary: Accept-Encoding
access-control-allow-methods: GET, GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *, *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type, Content-Type
x-cache-hits: 1

GET
H2 200 widget_button.css
js.peek.com/ 297 KB
58 KB 160ms
46ms Stylesheet
text/css 199.232.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/widget_button.css?ts=5-1

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

771c9412bd5f69b0771e68a42560ce7df2a4e57b64a59f3b3d38fc9fc21e318e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Sat, 01 Jun 2024 19:02:02 GMT
age: 903
x-powered-by: Express
x-cache: HIT
content-length: 59634
x-served-by: cache-fra-etou8220058-FRA
last-modified: Mon, 11 Mar 2024 15:50:23 GMT
server: nginx
x-timer: S1717268522.468018,VS0,VE1
etag: W/"4a4c0-18e2e353618"
vary: Accept-Encoding
access-control-allow-methods: GET, GET
content-type: text/css; charset=UTF-8
access-control-allow-origin: *, *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type, Content-Type
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 127ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 01 Jun 2024 19:02:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: zuSniD9AZ/HSUq/vjHqbK1+Edl2xSIZWDoOaXaWMlTs+Ee1X2Y5RC1n83qHtL6tl1M0vsBTvWZ9Z4CZHJ6FbVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 heap-724284035.js Show response
cdn.heapanalytics.com/js/ 117 KB
38 KB 267ms
157ms Script
application/javascript 18.173.154.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-724284035.js

Requested by

Host: ghostcitytours.com
URL: https://ghostcitytours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-111.muc50.r.cloudfront.net

Software

nginx / Express

Resource Hash

d139c6dd5deede88f47b832e55acb32db041241479e7cf1eecbbf644528c4ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:01:23 GMT
content-encoding: br
via: 1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: MUC50-P3
age: 39
x-powered-by: Express
etag: W/"1d44a-dAL2sqpLpWaH8Cfmsj3Zb44Q4aY"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -WOWGOVzMENVQB2L-LzCnxfoAwQpsMItc3Pnn_s1xRiNCc_xppUuSA==

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 40ms
40ms Stylesheet
text/css 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 0d47dbbac748871e5314dc3f196d618bd32e3f102be480b8dc6fdfe2690d676e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-676
cdn-cachedat: 06/01/2024 18:10:33
cdn-pullzone: 293267
last-modified: Mon, 15 Apr 2024 18:02:32 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"661d6bb8-2644"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5d082663681ae753cba96ba8feccd7d4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 401 76036 Show response
api.omappapi.com/v2/embed/ 165 B
592 B 255ms
157ms XHR
application/json 2606:4700:3108::ac42:2af8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/76036?d=ghostcitytours.com
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
via: 1.1 f741e5a55bc5bd136ac1f5406bb11d88.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-cache-config: 0 0
x-amz-cf-pop: FRA60-P10
x-cache: Error from cloudfront
content-length: 165
x-user-agent: standard--
server: cloudflare
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=120, stale-while-revalidate=1800
cf-ray: 88d174a96eff2c6b-FRA
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: zBMK0xTaxt-CkigC_tw26ZwSG_S4OLAPtDm8fZU2I0_b2PiiwH10nQ==
expires: Sat, 01 Jun 2024 19:04:02 GMT

GET
H2 200 1d4b22bf-b8ec-45c8-8974-d7d64f2f8d32 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 397ms
267ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/1d4b22bf-b8ec-45c8-8974-d7d64f2f8d32

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1d4b22bf-b8ec-45c8-8974-d7d64f2f8d32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

064d5ffceecb7f2f212e6dd170ce954ed55a9716e56af03a5ec525f2458aa3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 88ad29592d662f0f-SEA, 88ad29592d662f0f-SEA
x-runtime: 0.012211
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"064d5ffceecb7f2f212e6dd170ce954e"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eojkOkYch%2FNqr%2BAFH%2F%2Bx1bBx%2FWTqa8bJOpATKqThpTiDGNRj1HDLD4X5smFO%2BCasXAE%2BHoz2Pz61oihlNfpFJNEuN6gB1bgN0EXZp7ud2PE5yavDibEgtfq%2BcEyh2EIctac%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 88d174a99c96bfe9-WAW

GET
H2 200 track.js Show response
scripts.clixtell.com/ 32 KB
32 KB 173ms
47ms Script
text/html 2600:9000:2090:1a00:b:cd06:4440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.clixtell.com/track.js
Requested by: Host: ghostcitytours.com
URL: https://ghostcitytours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:1a00:b:cd06:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 /
Resource Hash: 6aa4637794ab115a4a86c39a14babb02db055413085af153ceb8e4a7b281e3b0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 22:28:52 GMT
via: 1.1 f580bae666598e3f09a5ffd24b286bae.cloudfront.net (CloudFront)
server: Microsoft-IIS/7.5
x-aspnet-version: 4.0.30319
x-amz-cf-pop: AMS58-P1
age: 73989
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=86400
access-control-allow-headers: Content-Type
content-length: 32795
x-amz-cf-id: _RWXwekQwp_hnqW6Qk0iC73j_1U4NDE-9YsWY3twaxeF4UDDB8qKyA==

OPTIONS
H2 200 session
api.trstplse.com/v1/account/2723/ Frame 0
0 335ms
233ms Preflight
text/html 2606:4700:3108::ac42:2851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trstplse.com/v1/account/2723/session
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://ghostcitytours.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-OptinMonster-ApiKey, X-CSRF-Token, X-XSRF-Token, Bearer-Token, X-Auth-Token, Origin, X-Requested-With, Content-Type, Accept, Authorization, Auth, X-SC-Touchpoint
access-control-allow-methods: GET, HEAD, OPTIONS, POST, PUT, DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 88d174a97f148c49-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 01 Jun 2024 19:02:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nk%2B1mkqqbbOLmuUozkHYKjYVoK%2BWD43EeGImBDHH5JhGdwaTwK7u007%2Fl2RBVcuHEmr05DNCT7jiSg%2FGlf3%2Be4epPH%2BimrcG4swTGUVhbceFfkcQpv5t3DANNajdlGf4tbopWsejxyPpF%2FA8aiA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, User-Agent
x-cache-config: 0 0
x-user-agent: standard--

POST
H2 200 session Show response
api.trstplse.com/v1/account/2723/ 39 B
355 B 164ms
164ms XHR
application/json 2606:4700:3108::ac42:2851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trstplse.com/v1/account/2723/session
Requested by: Host: a.trstplse.com
URL: https://a.trstplse.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 589ce0e2569353789682d3364d6ed9fbcd6cb4c4a85f377cb6580559e3259cd5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ghostcitytours.com/
X-Requested-With: TrustPulseApi
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
x-user-agent: standard--
cf-cache-status: DYNAMIC
x-cache-config: 0 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvP%2BQtitIwoaFzw0Xec95zWSUHaNt%2BX3HJnAV%2FRW4gAoCUFANI4kW2aTOYogYELQv%2B%2BAbs7oH2Mi%2B9OtgyYjJNabJ%2FUjLxt9XMtfAiavVvmRq488dkJ0U5%2FSt9m8p2nsdiGQyYLKlF0caV%2F1cuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 88d174aae92c8c49-FRA
access-control-allow-headers: X-CSRF-Token
content-length: 39

GET
H3 200 favicon.png
ghostcitytours.com/images/ 1 KB
2 KB 214ms
214ms Other
image/webp 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/images/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

156e131058563c833d0cb9633a662898a465549ccfb6c3afbad6f90d837231ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1794
content-disposition: inline; filename="favicon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1328
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Sep 2020 10:52:14 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 88d174a8e935bfc1-WAW

POST
H3 204 rum Show response
ghostcitytours.com/cdn-cgi/ 0
142 B 65ms
65ms XHR
text/plain 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ghostcitytours.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 88d174a8f949bfc1-WAW

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 268ms
55ms XHR
text/plain 52.48.122.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=63446f82405b1d0011001449&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=37&cE=127&dLE=37&dLS=37&fS=1&hS=76&rE=-1&rS=-1&reS=127&resS=411&resE=416&uEE=-1&uES=-1&dL=413&dI=434&dCLES=930&dCLEE=930&dC=1326&lES=1326&lEE=1329&s=nt&title=Ghost%20City%20Tours%20%7C%20Ghost%20Tours%20in%20America%27s%20most%20haunted%20cities&path=https%3A%2F%2Fghostcitytours.com%2F&ref=&sId=f8os8b3x&sST=1717268522&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-63446f82405b1d0011001449.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.122.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-122-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 01 Jun 2024 19:02:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 config.js Show response
js.peek.com/ 2 KB
911 B 270ms
269ms Script
text/javascript 199.232.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/config.js?key=45a59f93-6f8d-4768-98dd-dac86274ab1d

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=5-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

db1f9c02c48755f22305c82b63dbd630e97fb4bc0283bde27cf3dd0a29967732

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Sat, 01 Jun 2024 19:02:02 GMT
age: 0
x-powered-by: Express
x-cache: MISS
content-length: 790
x-served-by: cache-fra-etou8220058-FRA
server: nginx
x-timer: S1717268523.516466,VS0,VE229
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 0

GET
H2 200 h Show response
js.peek.com/ 2 B
334 B 215ms
133ms Fetch
text/plain 199.232.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/h?tls=null&type=sp_page_view&lt=null&tl=null&uid=1717268522513247&src=&apik=45a59f93-6f8d-4768-98dd-dac86274ab1d&dh=ghostcitytours.com&path=%2F&btns=0&bdcnt=0&bucnt=0&ls=null&m=0&cfh=0

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=5-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600; includeSubDomains
via: 1.1 google, 1.1 varnish
date: Sat, 01 Jun 2024 19:02:02 GMT
age: 0
x-powered-by: Express
x-cache: MISS
content-length: 2
x-served-by: cache-fra-etou8220102-FRA
server: nginx
x-timer: S1717268523.616395,VS0,VE92
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 0

GET
H2 200 1555701534747633 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 102ms
102ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1555701534747633?v=2.9.156&r=stable&domain=ghostcitytours.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a35773201e2942fa02fabeeff9888739c9c3afde0485113dcb29845ce041550

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 01 Jun 2024 19:02:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=63, mss=1294, tbw=63357, tp=-1, tpl=-1, uplat=63, ullat=0
pragma: public
x-fb-debug: NUswgDcCEdOoPKAO4RlSS88/YC98FO62u+PW1gkJxDte/7+3cQ+dusdbJg7R6wjAzI1iPjo+bw1KNsF/DZUO7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 track Show response
tracker.clixtell.com/ 5 B
149 B 217ms
217ms XHR
text/html 2a01:111:f100:3001::a83e:88b
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.clixtell.com/track
Requested by: Host: scripts.clixtell.com
URL: https://scripts.clixtell.com/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:f100:3001::a83e:88b San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: Content-Type
content-length: 5

OPTIONS
H2 200 track
tracker.clixtell.com/ Frame 0
0 624ms
190ms Preflight 2a01:111:f100:3001::a83e:88b
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.clixtell.com/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:f100:3001::a83e:88b San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ghostcitytours.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
allow: OPTIONS, TRACE, GET, HEAD, POST
content-length: 0
date: Sat, 01 Jun 2024 19:02:03 GMT
public: OPTIONS, TRACE, GET, HEAD, POST
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
100 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L161GWJHR0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2PZFHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

510d8a5b2bcb6bb9aa9943f22f016f66dcab6061e29e3b208c1765b2bf7e4937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102520
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 01 Jun 2024 19:02:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2PZFHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Jun 2024 17:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4859
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 01 Jun 2024 19:41:03 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 384ms
120ms Image
image/gif 44.215.206.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=724284035&u=4413831609289756&v=1651046114021546&s=3631915017129081&b=web&tv=4.0&z=0&h=%2F&d=ghostcitytours.com&t=Ghost%20City%20Tours%20%7C%20Ghost%20Tours%20in%20America%27s%20most%20haunted%20cities&ts=1717268522698&ubv=125.0.6422.112&upv=10.0.0&sch=1200&scw=1600&st=1717268522699

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.206.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-206-200.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 19:02:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 web-widget-main-4a143a0.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 730D 456 KB
141 KB 83ms
83ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1d4b22bf-b8ec-45c8-8974-d7d64f2f8d32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2532f2c05410f507f22cf99dc89e3c240c495caa9aca45745d6bfc81f841f7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
x-amz-version-id: _n8r.NUcUhB6WHYNK8FtbgGmnck8h3JW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: JNNJSCQVW5E2F0CX
age: 380595
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 5DiDuyaGnJEmb7PUPJwptsILTOr2dDel6aMxQ9E05alCwdgSXmmGI9Uz6bu8Ex8WjYdRDEZFFEKpb9h+CB7KvA==
last-modified: Tue, 21 May 2024 08:00:03 GMT
server: cloudflare
etag: W/"b83c840cbea70517dd4aac2528a75c10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XhLzusnQQywxSN%2FO0kk4XhaPpMu8VYqbSHhebY%2FMZ1N0Ohm8V0X9v9vQQE8z%2B2IgOkMPB2mD3ZGBQPtc%2FMXZtZe8iXSPmg%2FV2vs6oGZB4K0YyeX8klhrVKWD%2FlR6%2BlV0w0vfNss%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88d174ab5a663488-WAW
access-control-allow-headers: *
expires: Wed, 21 May 2025 08:00:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 144ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Amiri:400i|Oswald:400

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=5-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86c0dbd9e885e26d73cd073f15a7cacb181f2452cde55a5b7a68131f2c750533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Jun 2024 19:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 01 Jun 2024 19:02:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Jun 2024 19:02:02 GMT

GET
H2 200 h Show response
js.peek.com/ 2 B
66 B 146ms
145ms Fetch
text/plain 199.232.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/h?tls=null&type=sp_embed_load_complete&lt=null&tl=null&uid=1717268522513247&src=&apik=45a59f93-6f8d-4768-98dd-dac86274ab1d&dh=ghostcitytours.com&path=%2F&btns=0&bdcnt=0&bucnt=0&ls=null&m=0&cfh=0

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=5-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=3600; includeSubDomains
via: 1.1 google, 1.1 varnish
date: Sat, 01 Jun 2024 19:02:02 GMT
age: 0
x-powered-by: Express
x-cache: MISS
content-length: 2
x-served-by: cache-fra-etou8220102-FRA
server: nginx
x-timer: S1717268523.788073,VS0,VE105
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 124ms
41ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1555701534747633&ev=PageView&dl=https%3A%2F%2Fghostcitytours.com%2F&rl=&if=false&ts=1717268522775&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1717268522774.477615271&ler=empty&cdl=API_unavailable&it=1717268522661&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 01 Jun 2024 19:02:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 172ms
89ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1555701534747633&ev=PageView&dl=https%3A%2F%2Fghostcitytours.com%2F&rl=&if=false&ts=1717268522775&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1717268522774.477615271&ler=empty&cdl=API_unavailable&it=1717268522661&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd8d5a687c4471ef5","source_keys":["1","2"]},{"key_piece":"0x1fb1daafaec32332","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 01 Jun 2024 19:02:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=3097, tp=-1, tpl=-1, uplat=47, ullat=0
pragma: no-cache
x-fb-debug: /OOxHL2dhFwY2m7K4dpZD6zjmslc4xTkUw92QHiqh9IC8ROeF+dw1lhik7xluEIq7IGEpBLH43K93Yd0kKi/cw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 144ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-L161GWJHR0&gtm=45je45t0v874169273z8810954427za200zb810954427&_p=1717268522333&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=900768375.1717268523&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1717268522&sct=1&seg=0&dl=https%3A%2F%2Fghostcitytours.com%2F&dt=Ghost%20City%20Tours%20%7C%20Ghost%20Tours%20in%20America%27s%20most%20haunted%20cities&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1826
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L161GWJHR0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 19:02:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ghostcitytours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 143ms
48ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L161GWJHR0&cid=900768375.1717268523&gtm=45je45t0v874169273z8810954427za200zb810954427&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L161GWJHR0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 19:02:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ghostcitytours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 404 collect
ghostcitytours.com/g/ 315 B
391 B 288ms
288ms Ping
text/html 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/g/collect?v=2&tid=G-L161GWJHR0&gtm=45je45t0v874169273z8810954427za200zb810954427&_p=1717268522333&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=900768375.1717268523&ul=de-de&sr=1600x1200&_fplc=0&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAC&_s=2&sid=1717268522&sct=1&seg=1&dl=https%3A%2F%2Fghostcitytours.com%2F&dt=Ghost%20City%20Tours%20%7C%20Ghost%20Tours%20in%20America%27s%20most%20haunted%20cities&en=page_view&_et=1&tfd=1830

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L161GWJHR0&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-type: text/html; charset=iso-8859-1
cf-ray: 88d174abed5abfc1-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 117ms
67ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L161GWJHR0&cid=900768375.1717268523&gtm=45je45t0v874169273z8810954427za200zb810954427&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1607290037

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 19:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 47ms
46ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=297816461&t=pageview&_s=1&dl=https%3A%2F%2Fghostcitytours.com%2F&ul=de-de&de=UTF-8&dt=Ghost%20City%20Tours%20%7C%20Ghost%20Tours%20in%20America%27s%20most%20haunted%20cities&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=383648458&gjid=1755768545&cid=900768375.1717268523&tid=UA-31281495-6&_gid=1748404620.1717268523&_r=1&_slc=1&gtm=45He45t0n81N2PZFHVv810954427za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1739858369

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 19:02:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ghostcitytours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 notifications Show response
api.trstplse.com/v1/account/2723/ 77 KB
4 KB 145ms
145ms XHR
application/json 2606:4700:3108::ac42:2851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trstplse.com/v1/account/2723/notifications
Requested by: Host: a.trstplse.com
URL: https://a.trstplse.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b0cb366b78ced09e400a88602bb020e56a4f50efad645bfebff9f5c148c29d5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:02 GMT
x-user-agent: standard--
content-encoding: gzip
cf-cache-status: DYNAMIC
x-cache-config: 0 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-cache-status: HIT
vary: Accept-Encoding, User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=adtnvKNmE064csAb%2FqATTqr5HcyE0xE1N17jsS%2Bbp%2B2qWZLnImjU6TQZcwIcbPt77hvlQwwTAY%2FDEvHK9nbluLWZRd%2FsrS1%2B%2FxzuTsb4swoN6O%2BGpMZmWj7h7z3tqeI%2FUOjmDwS4fzUNG0E0FhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 88d174abfa888c49-FRA
access-control-allow-headers: X-CSRF-Token

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 83ms
48ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-31281495-6&cid=900768375.1717268523&jid=383648458&gjid=1755768545&_gid=1748404620.1717268523&npa=1&_u=YCDACEAABAAAACAAI~&z=1728449264

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 01 Jun 2024 19:02:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ghostcitytours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-4a143a0.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 730D 20 KB
4 KB 75ms
74ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
x-amz-version-id: .wQK.xsJk3Y5gTDB1Kv8Qfjb91MC5_Ih
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYTPBVX4H6J29R6
age: 380585
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: x5vmAuM2aRnQYRwqdMWgWr2rVUvu2yeW7VY06LWAMsSXkTaAeVbb0OHu7/A4nH3v0SSAynD0wDo=
last-modified: Tue, 21 May 2024 08:00:04 GMT
server: cloudflare
etag: W/"8f0c2ab0bd14e9e847312f7e99adb66d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRDUEnAk%2BoJtfx9Hy%2BNaHvHL%2FRWRrie06%2BFWpzWp7rgep78a%2FOyxN7ZWzZduU3sjZgAT6F3kirzAUoJL9MXNfJTinTPI7FoBj%2FbL%2FAWHXJ2MXAHJQlJnmDllr2yhPWhr8ZZCCpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88d174acac393488-WAW
access-control-allow-headers: *
expires: Wed, 21 May 2025 08:00:03 GMT

GET
H2 200 web-widget-4852-4a143a0.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 730D 139 KB
47 KB 78ms
77ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
x-amz-version-id: M06B72M7vFUIna6iu8mCVXAa42U1_qIV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYT0ZQM4NG9CBC0
age: 380595
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: XNf8/4ORgwofem636TKEEuN50Iz9ivJZ6jUsKRoFp2gMmnGj8WNS1laq6Zhk7izbajVZtxOvJ/0SVQ83fFbn6Q==
last-modified: Tue, 21 May 2024 08:00:02 GMT
server: cloudflare
etag: W/"40fb729956c4a956df4256614af4b393"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1XkLTZGZbGhuVBjgUuOCODEeXxF0LPizvu1aOKrWpfFbgHM9tv%2BkZnQDtfuykl5RxPwZ3wi6wiKbJV5QOR3PcNMwiofVhcdXvcYhVcv4X68s3aIXrkFI0xRBd3WX7Nd9p8ku58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88d174acac3d3488-WAW
access-control-allow-headers: *
expires: Wed, 21 May 2025 08:00:01 GMT

GET
H2 200 web-widget-9527-4a143a0.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 730D 29 KB
11 KB 77ms
76ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
x-amz-version-id: 8GXAr8wtsIR0vyrO8tNcRslrWdl537XH
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYXMFVNVEJR25PX
age: 380595
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: UrqhGv+CDsDYBx5Pv2RARcrVrCMXgV0a4Mof12dZTHZz+1Kb7YOgWdqGjUWV48LXNA0cKzwSMwndYffKyksqVA==
last-modified: Tue, 21 May 2024 08:00:03 GMT
server: cloudflare
etag: W/"083d4fe56f4013855997ad6d21392f69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Kq%2FJ%2Bspj4lr7p%2FCo3K%2B17mzBxA0U8DysZkJHI%2FwzAnSsBfvWcHHBgypLRN2XLvkCHqMe3hufhR%2BnV3plTfdqJ6fQiDpq6zuoNIrbr94SpiEBALn2snKM1QPBr0mZ0EfZwqE%2BUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88d174acac423488-WAW
access-control-allow-headers: *
expires: Wed, 21 May 2025 08:00:02 GMT

GET
H2 200 web-widget-2306-4a143a0.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 730D 14 KB
4 KB 76ms
75ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-2306-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
x-amz-version-id: AlkTYT9ZfTF3yVcDB9NuSwjhC59CG2k3
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYXJ1AEY9SXZAT3
age: 380595
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: /F9d9jgEt2xH+omEoB07goVzatT125S5agHSMJI4wnxyjhgfE3A5uTZlPnYa7HwAPQXI6qDG44w=
last-modified: Tue, 21 May 2024 08:00:02 GMT
server: cloudflare
etag: W/"1b2c14135523982db180c989ec11c5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AUriDg7LFetzzYP3qVNMQUKTliN1R0%2FUIhGn6ZnxhaWILuSseUIpMkCTZTl45XB9cdmLy%2B99BkQJZhVwHLkxhMeG9UZinjyAxiyQ%2Fciikx384FeAoIFmv4tIqSCkwPmzoy972p8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88d174acac443488-WAW
access-control-allow-headers: *
expires: Wed, 21 May 2025 08:00:01 GMT

GET
H2 200 web-widget-5178-4a143a0.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 730D 12 KB
5 KB 80ms
80ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
x-amz-version-id: wKrDC5LktoEcJdPHZBFRrlbfl6GRcHTD
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYRPNDWG3FE0RHN
age: 380595
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fnQ1DHWWivCbgmBfnJhn2/IQn0FqLhpNdwsncFdtKg+YzciCbHRIuSJUBpl53FtOsY38U7fSwiE=
last-modified: Tue, 21 May 2024 08:00:02 GMT
server: cloudflare
etag: W/"7ea6a03ae546d28215fb61ff43d384ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBuXPOLtT%2BZaH0kRFPUnorPNtwt4Zzhh7qPDDlsqyi8c2xZBHGFcTi26Bl3dD2meegMjfUTg%2FosoqWTmYEP4rUvITQv9fjQs8i5d9yAXsiTaXodbqh7QKpvGdwcwsZl6jcFMJA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88d174acac463488-WAW
access-control-allow-headers: *
expires: Wed, 21 May 2025 08:00:01 GMT

GET
H2 200 web-widget-9535-4a143a0.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 730D 15 KB
6 KB 73ms
73ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d52b4f234c5594531fe5d7b44dc0152721c4c1d8fa24fc1363e62d83dcf9b090

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
x-amz-version-id: CFUGYiOKXVe_phN09rf52i1St84xmvFd
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYMGTMHM9HQH3ED
age: 380595
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: CmE4bjG0YxT8aTo94FgOJkaJdbgxZx7P9c2kda0ITveaHUQ+GV8vBa8KFCdxV4b+iIVSwdA6Wig=
last-modified: Tue, 21 May 2024 08:00:03 GMT
server: cloudflare
etag: W/"49e0c7e2a647623949726517bb39175a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZxjsyRKjbZcPwoSyCmLUg34tAXO0iEupWS%2BOFWdXNIS2f3Kb%2Blw9z3%2FZfYmqa3FjU7LHBpDRqFhMsOGsahxEiQ138LaglMhRhOAGNvJNPqsY%2B5Qb7nmbYpBwkBw9%2BPRwc%2BO0gYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88d174acac4a3488-WAW
access-control-allow-headers: *
expires: Wed, 21 May 2025 08:00:02 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 194ms
65ms Image
image/gif 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31281495-6&cid=900768375.1717268523&jid=383648458&npa=1&_u=YCDACEAABAAAACAAI~&z=1318088834

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 19:02:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 67ms
67ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31281495-6&cid=900768375.1717268523&jid=383648458&npa=1&_u=YCDACEAABAAAACAAI~&z=1318088834

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 01 Jun 2024 19:02:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.25.0/ 58 KB
17 KB 156ms
53ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.25.0/moment.min.js

Requested by

Host: a.trstplse.com
URL: https://a.trstplse.com/app/js/api.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a607fa0c68d03462f2240e41799883515a9b853c4195084907cbaae6da50330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 248365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16866
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-e629"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4aXs7fs0SWjBfns3YiBNJ5VKV8o1a8EcgpDXqWM5S4jXkSCmW6PprVKuGZKMHlUZufUgz0l5SU952rkpi2CO7LZEP8K58LTgrNr%2B%2BlBqpEWIwhFuBYnkwm884dh1Pi8BM2Uemp9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88d174ad8ca89271-FRA
expires: Thu, 22 May 2025 19:02:03 GMT

POST
H2 200 pv
ghostcitytours.zendesk.com/frontendevents/ Frame 730D 0
0 652ms
652ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostcitytours.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 01 Jun 2024 19:02:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQ4YC3adrKCIa1NewtKTjghwgJuDsEoexgzFsh%2Bfx%2FaIUxhGjCNS9%2Fuug8bcGudu9K9ulqB3pn9udLGDMy2BP6jFsApGZv3LgMEwPTWNHSoGK0k3Dbc3RcMFoxLl%2FNEK9qGQh4twrivXkaBU"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 88d174afbac470ba-WAW
content-length: 0
x-request-id: 88d174afbac470ba-WAW

GET
H2 200 config Show response
ghostcitytours.zendesk.com/embeddable/ Frame 730D 764 B
978 B 438ms
304ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostcitytours.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 964f664dcf7231555da69beb97b093525078688b22e73893a9a52ceed3be86d1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-c874c9c77-wvndg
x-cached: MISS
x-runtime: 0.003146
last-modified: Sat, 01 Jun 2024 16:48:57 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oa3bxtHnhfXMgoQfYQdiAIM4%2FSXPZ%2B9tYyL4K%2Fhchs%2BfqsYacs527U6St%2BC2OYYdNE4ICXGV33auWPWAIXTWvui5sjM6t9eV%2FPvFAYW%2B%2FNPrFGWMRZsIPmLLy8Y2d3EbChTKmIT%2BZYZsP%2FhL"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 88d174ae0f2570ba-WAW

OPTIONS
H2 204 pv
ghostcitytours.zendesk.com/frontendevents/ Frame 0
0 402ms
268ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostcitytours.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ghostcitytours.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 88d174ae0f2770ba-WAW
date: Sat, 01 Jun 2024 19:02:03 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h39yEehbfnPCn%2BZqVdkVRzeltSgMeaVIFdLEr5b5d065OaLUB0hWx1HRnodotsQy0g8D%2FZ4rCsgBmqtuD0dQLU57wxv%2Feo8S4JIi8ufylcKOF7gf%2FndAweVwuGR3h7r3JwAYgOlZootjrm5B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 88d174ae0f2770ba-WAW
x-zendesk-zorg: yes

GET
H3 200 moment-timezone-with-data-2012-2022.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.23/ 32 KB
8 KB 54ms
53ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.23/moment-timezone-with-data-2012-2022.min.js

Requested by

Host: a.trstplse.com
URL: https://a.trstplse.com/app/js/api.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23190e1539469cc8b5faccb038b260ccda2cc62672c70efa1900a51a8e3d1be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 585309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8068
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-802f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdzEi%2FvXM9bY7KKA58M3a1LVtYrqZOulqT5zSaeN4kHEDpq7yYDgV4CjQH20PCQ2UnlybFKHrOcgIv56f%2BPiFvb%2BzIyMHoM0bZdxeKFM9eP2%2Fcq6xloYV68ZKEgjzWZH4fgmXWNs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88d174ae2d619271-FRA
expires: Thu, 22 May 2025 19:02:03 GMT

GET
H3 404 collect Show response
ghostcitytours.com/g/ 315 B
391 B 200ms
200ms XHR
text/html 172.66.43.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostcitytours.com/g/collect?v=2&tid=G-L161GWJHR0&gtm=45je45t0v874169273z8810954427za200zb810954427&_p=1717268522333&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=900768375.1717268523&ecid=894559678&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BY&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1717268522333&sst.ude=0&_s=3&sid=1717268522&sct=1&seg=1&dl=https%3A%2F%2Fghostcitytours.com%2F&dt=Ghost%20City%20Tours%20%7C%20Ghost%20Tours%20in%20America%27s%20most%20haunted%20cities&en=gtm.dom&ep.event_id=731c1fc8-4c42-4580-8616-9b9dcedbd724_1717268522333.3&ep.event_name=PageView&_et=1&tfd=2331&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L161GWJHR0&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostcitytours.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 19:02:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-type: text/html; charset=iso-8859-1
cf-ray: 88d174af0951bfc1-WAW
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ghostcitytours.com/	1970-01-21 06:37:08	Name: _omappvp Value: XVnfKA6zLDQllF0UVTDMlJ1HzYtc92PZUXWXjFy813ZnEitpPjmqqa7RrZ82XkxhkDaa0J82AGVEIx6UgyssOMY5wl0bj0p1
ghostcitytours.com/	1970-01-20 21:01:09	Name: _omappvs Value: 1717268522344
ghostcitytours.com/	1970-01-20 21:44:20	Name: _tpapp Value: 2o10k6uNyuEwnNJwjQCPN0Z5IK4oM8e1sCy6KchdEXOg8RWatVRwYSqMJ82YOHwEFhqDwXcHEGUDFR6tAMf6ZG4u3XrS6HL7
ghostcitytours.com/	1970-01-20 23:10:44	Name: clix.session Value: 3789623632038559
.ghostcitytours.com/	1970-01-21 06:29:06	Name: _hp2_id.724284035 Value: %7B%22userId%22%3A%224413831609289756%22%2C%22pageviewId%22%3A%221651046114021546%22%2C%22sessionId%22%3A%223631915017129081%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.ghostcitytours.com/	1970-01-20 23:10:44	Name: _fbp Value: fb.1.1717268522774.477615271
.ghostcitytours.com/	1970-01-21 06:37:08	Name: _ga_L161GWJHR0 Value: GS1.1.1717268522.1.1.1717268522.60.0.894559678
.ghostcitytours.com/	1970-01-21 06:37:08	Name: _ga Value: GA1.2.900768375.1717268523
.ghostcitytours.com/	1970-01-20 21:02:34	Name: _gid Value: GA1.2.1748404620.1717268523
.ghostcitytours.com/	1970-01-20 21:01:08	Name: _gat_UA-31281495-6 Value: 1
.ghostcitytours.com/	1970-01-20 21:01:10	Name: _hp2_ses_props.724284035 Value: %7B%22ts%22%3A1717268522698%2C%22d%22%3A%22ghostcitytours.com%22%2C%22h%22%3A%22%2F%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.omappapi.com/v2/embed/76036?d=ghostcitytours.com Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://ghostcitytours.com/g/collect?v=2&tid=G-L161GWJHR0&gtm=45je45t0v874169273z8810954427za200zb810954427&_p=1717268522333&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=900768375.1717268523&ul=de-de&sr=1600x1200&_fplc=0&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAC&_s=2&sid=1717268522&sct=1&seg=1&dl=https%3A%2F%2Fghostcitytours.com%2F&dt=Ghost%20City%20Tours%20%7C%20Ghost%20Tours%20in%20America%27s%20most%20haunted%20cities&en=page_view&_et=1&tfd=1830 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ghostcitytours.com/g/collect?v=2&tid=G-L161GWJHR0&gtm=45je45t0v874169273z8810954427za200zb810954427&_p=1717268522333&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=900768375.1717268523&ecid=894559678&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BY&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1717268522333&sst.ude=0&_s=3&sid=1717268522&sct=1&seg=1&dl=https%3A%2F%2Fghostcitytours.com%2F&dt=Ghost%20City%20Tours%20%7C%20Ghost%20Tours%20in%20America%27s%20most%20haunted%20cities&en=gtm.dom&ep.event_id=731c1fc8-4c42-4580-8616-9b9dcedbd724_1717268522333.3&ep.event_name=PageView&_et=1&tfd=2331&richsstsse Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
a.trstplse.com
api.omappapi.com
api.trstplse.com
cdn.heapanalytics.com
cdnjs.cloudflare.com
connect.facebook.net
ekr.zdassets.com
fonts.googleapis.com
ghostcitytours.com
ghostcitytours.zendesk.com
heapanalytics.com
js.peek.com
pro.fontawesome.com
region1.analytics.google.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
scripts.clixtell.com
static.cloudflareinsights.com
static.zdassets.com
stats.g.doubleclick.net
tracker.clixtell.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.51.111
104.17.25.14
104.18.70.113
104.18.72.113
142.250.186.35
172.66.43.130
18.173.154.111
199.232.193.208
2001:4860:4802:32::36
216.58.206.68
2400:52e0:1e00::1079:1
2400:52e0:1e00::1080:1
2600:9000:2090:1a00:b:cd06:4440:93a1
2606:4700:10::6816:3768
2606:4700:3108::ac42:2851
2606:4700:3108::ac42:2af8
2606:4700:3108::ac42:2b82
2606:4700:4400::ac40:93bc
2606:4700::6810:5049
2a00:1450:4001:80f::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c1b::9d
2a01:111:f100:3001::a83e:88b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
44.215.206.200
52.48.122.176
064d5ffceecb7f2f212e6dd170ce954ed55a9716e56af03a5ec525f2458aa3d9
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0d47dbbac748871e5314dc3f196d618bd32e3f102be480b8dc6fdfe2690d676e
156e131058563c833d0cb9633a662898a465549ccfb6c3afbad6f90d837231ee
21136ec612d987e8c249406a51be95d0942798f5a7d101d41cf7a4cb558046cc
23190e1539469cc8b5faccb038b260ccda2cc62672c70efa1900a51a8e3d1be5
2532f2c05410f507f22cf99dc89e3c240c495caa9aca45745d6bfc81f841f7ab
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
43856f335888d701d4b4eaa1694f261c13e60ef90a652fa2d57cd7d73feb00d0
45e5d8aa856ca2d1535daf2b3e34ba01724528182db5697b56aa01556e2c0ea8
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
510d8a5b2bcb6bb9aa9943f22f016f66dcab6061e29e3b208c1765b2bf7e4937
5538a328926c9517ffb8670fccce94f6137d58c21ff4b10ecd772abfa16a012b
558c1708821688922a35f8105bc9b840a73ae02165d0016746c71741ab48128d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
589ce0e2569353789682d3364d6ed9fbcd6cb4c4a85f377cb6580559e3259cd5
595dafc00b877ac3ae42da6da13f2932eab236adf6e03b336e098cd2f89d7aca
5c034c7c6fb0dd5bb7e8a626c040508a2cdf18308246f0a4e8dff1a729a61791
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6aa4637794ab115a4a86c39a14babb02db055413085af153ceb8e4a7b281e3b0
6c7fa5dc1b24542d414c546fef637e9d7024ea834f5ee2a30fe4525b12e2ab85
6f0205465a26d777130da924239140838d3bcdead47e334b41bcef44414c690d
721af38c62c4b2db1b1187e4ce7cbc31dff1eaa7a4d9a9906781d50f9e458985
771c9412bd5f69b0771e68a42560ce7df2a4e57b64a59f3b3d38fc9fc21e318e
7852a22b72ead62cfc4a1b1ca32874b3e222f232a991a6d1432313572f534135
797981573b91eb46508d7c3d64fcd66ac7025abd264dc3e1c550dad2b503c070
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c0dbd9e885e26d73cd073f15a7cacb181f2452cde55a5b7a68131f2c750533
87d9278738d57ef95f7bbf385f44a2e8f28eb59dbd28edd42df9348290eb7ef4
8a607fa0c68d03462f2240e41799883515a9b853c4195084907cbaae6da50330
8b0cb366b78ced09e400a88602bb020e56a4f50efad645bfebff9f5c148c29d5
964f664dcf7231555da69beb97b093525078688b22e73893a9a52ceed3be86d1
99142e3048ff980fa6ac618f8f99305efdf4bd1afa17aa842ae535a59716936d
9a35773201e2942fa02fabeeff9888739c9c3afde0485113dcb29845ce041550
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac6784bd00f859ca55b8182c416152b2b5591b39f9e1ade6f12821eb1d56865f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b652bd97d09d255ec3993988ee850a82b99531c4d8bf574e9c4c1a883d285b8b
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
bffaf791dffc5ae28fbfdc8d78e3e4bcdb28b00e9e1ac9bb835802f68ff19a21
c25af827e8c7d7e85e273d1f8d5594d81491d7e2625868ba482f93d5ca638e0d
caa1a0c939e49fa47fa0b8262790a8f5feaf87d0f88bd83d839ded2e81b60660
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d139c6dd5deede88f47b832e55acb32db041241479e7cf1eecbbf644528c4ab2
d52b4f234c5594531fe5d7b44dc0152721c4c1d8fa24fc1363e62d83dcf9b090
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
db1f9c02c48755f22305c82b63dbd630e97fb4bc0283bde27cf3dd0a29967732
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0f3403fa622417861c0395b891ed9aca5d67368b61693c223291124085827e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

ghostcitytours.com Open in urlscan Pro 2606:4700:3108::ac42:2b82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

100 %HTTPS

61 %IPv6

20 Domains

27 Subdomains

28 IPs

5 Countries

1305 kBTransfer

3441 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ghostcitytours.com Open in urlscan Pro
2606:4700:3108::ac42:2b82 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

100 %
HTTPS

61 %
IPv6

20
Domains

27
Subdomains

28
IPs

5
Countries

1305 kB
Transfer

3441 kB
Size

11
Cookies

73 HTTP transactions
0 data transactions