www.galaxypromo.bigcityexperience.com Open in urlscan Pro
35.200.206.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.galaxypromo.bigcityexperience.com/
Submission: On December 13 via api (December 13th 2023, 5:09:09 pm UTC) from US — Scanned from US

Summary HTTP 39 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 39 HTTP transactions. The main IP is 35.200.206.50, located in Mumbai, India and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.galaxypromo.bigcityexperience.com.
TLS certificate: Issued by R3 on December 13th 2023. Valid for: 3 months.

This is the only time www.galaxypromo.bigcityexperience.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9 20	35.200.206.50 35.200.206.50	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:e2:... 2606:4700:e2::ac40:8c0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
5	2607:f8b0:400... 2607:f8b0:4004:c08::93	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4004:c08::65	15169 (GOOGLE) (GOOGLE)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
39	13

20 35.200.206.50 (Mumbai, India) 9 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.206.200.35.bc.googleusercontent.com

www.galaxypromo.bigcityexperience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galaxypromo.bigcityexperience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c08::93 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::65 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	bigcityexperience.com 9 redirects www.galaxypromo.bigcityexperience.com galaxypromo.bigcityexperience.com	252 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 t.clarity.ms — Cisco Umbrella Rank: 7201 c.clarity.ms — Cisco Umbrella Rank: 1377	23 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	670 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	36 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	237 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	324 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	130 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	15 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	763 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	12 KB
39	10

	Domain	Requested by
11	www.galaxypromo.bigcityexperience.com	www.galaxypromo.bigcityexperience.com
9	galaxypromo.bigcityexperience.com	9 redirects
6	www.gstatic.com	www.google.com www.gstatic.com
5	www.google.com	www.galaxypromo.bigcityexperience.com www.gstatic.com www.google.com
3	t.clarity.ms	www.clarity.ms
3	www.googletagmanager.com	www.galaxypromo.bigcityexperience.com www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	www.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	www.galaxypromo.bigcityexperience.com www.clarity.ms
2	code.jquery.com	www.galaxypromo.bigcityexperience.com
2	cdnjs.cloudflare.com	www.galaxypromo.bigcityexperience.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	www.google.com
1	use.fontawesome.com	www.galaxypromo.bigcityexperience.com
39	14

This site contains links to these domains. Also see Links.

Domain
galaxypromo.bigcityexperience.com

Subject Issuer	Validity	Valid
galaxypromo.bigcityexperience.com R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.galaxypromo.bigcityexperience.com/
Frame ID: C11C6A9C64AEB6D0E7D657307FA7CB38
Requests: 30 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdGC-0UAAAAAAxuqZewa0ITglri2_3b-dnueANW&co=aHR0cHM6Ly93d3cuZ2FsYXh5cHJvbW8uYmlnY2l0eWV4cGVyaWVuY2UuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8sj5hpvoom4c
Frame ID: 038955F6A091AE1271810C4158D02898
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdGC-0UAAAAAAxuqZewa0ITglri2_3b-dnueANW
Frame ID: 788042CA0F7ADEF835F385355B2EAE02
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Page

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

39
Requests

74 %
HTTPS

77 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

1375 kB
Transfer

3733 kB
Size

13
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://galaxypromo.bigcityexperience.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://galaxypromo.bigcityexperience.com/how-to-redeem
Title: How to Redeem

Search URL Search Domain Scan URL

URL: https://galaxypromo.bigcityexperience.com/terms-and-conditions
Title: Terms and conditions

Search URL Search Domain Scan URL

URL: https://galaxypromo.bigcityexperience.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://galaxypromo.bigcityexperience.com/faqs
Title: FAQs

Search URL Search Domain Scan URL

URL: https://galaxypromo.bigcityexperience.com/helpdesk
Title: HelpDesk

Search URL Search Domain Scan URL

URL: https://galaxypromo.bigcityexperience.com/terms-and-condition
Title: Terms

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://galaxypromo.bigcityexperience.com/assets/frontend/css/bootstrap.min.css HTTP 301
https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/bootstrap.min.css

Request Chain 3

https://galaxypromo.bigcityexperience.com/assets/frontend/css/font.css HTTP 301
https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/font.css

Request Chain 4

https://galaxypromo.bigcityexperience.com/assets/frontend/css/local.css HTTP 301
https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/local.css

Request Chain 5

https://galaxypromo.bigcityexperience.com/assets/frontend/css/responsive.css HTTP 301
https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/responsive.css

Request Chain 7

https://galaxypromo.bigcityexperience.com/assets/frontend/js/jquery.js HTTP 301
https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/jquery.js

Request Chain 9

https://galaxypromo.bigcityexperience.com/assets/frontend/js/bootstrap.min.js HTTP 301
https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/bootstrap.min.js

Request Chain 13

https://galaxypromo.bigcityexperience.com/assets/uploads/coming_soon.jpg HTTP 301
https://www.galaxypromo.bigcityexperience.com/assets/uploads/coming_soon.jpg

Request Chain 14

https://galaxypromo.bigcityexperience.com//assets/frontend/images/loader.gif HTTP 301
https://www.galaxypromo.bigcityexperience.com//assets/frontend/images/loader.gif

Request Chain 15

https://galaxypromo.bigcityexperience.com/assets/frontend/js/local.js HTTP 301
https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/local.js

Request Chain 34

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=16CCF2576A71486D8A917DDFAA60493D&RedC=c.clarity.ms&MXFR=3ADC6DE5DBBF611110BA7E03DFBF6F1E HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=16CCF2576A71486D8A917DDFAA60493D&MUID=11321CE8F18F6F4D00B20F0EF0ED6E3C

39 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.galaxypromo.bigcityexperience.com/ 26 KB
6 KB 965ms
255ms Document
text/html 35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.galaxypromo.bigcityexperience.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

67e444fc6a7bf05e8cfd7f3b863af5d014e782bf64ddef9d5ac5fceb79e6bc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 17:08:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx-rc
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.2/css/ 54 KB
12 KB 49ms
21ms Stylesheet
text/css 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by: Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126662
etag: W/"77cbad34e5ce95e70847b074e05faeab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRyiEZ%2FrgTkkGaEvuMXMueZY%2FqnisbSASx0Uc1OrsCyfgeFxmOATyQOiUGJhsiUzM182NXFnCTrnZGJZqa0%2Ff4bVmbAxbvh%2BD%2B1%2Fp%2FlH7UBtJo3TdO8x1RWCtcBRKTM7u96nZDwdTqIye0zZmMGbI4L1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 834fcff439e95e7d-EWR
alt-svc: h3=":443"; ma=86400

GET
H2

200

bootstrap.min.css
www.galaxypromo.bigcityexperience.com/assets/frontend/css/
Redirect Chain

https://galaxypromo.bigcityexperience.com/assets/frontend/css/bootstrap.min.css
https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/bootstrap.min.css

152 KB
21 KB

339ms
339ms

Stylesheet
text/css

35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/bootstrap.min.css

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 16:23:50 GMT
server: nginx-rc
etag: W/"64076516-2606e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:00 GMT

Redirect headers

location: https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/bootstrap.min.css
date: Wed, 13 Dec 2023 17:09:00 GMT
server: nginx-rc/1.21.4.3
content-length: 174
content-type: text/html

GET
H2 200 bootstrap-datepicker.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/css/ 17 KB
2 KB 54ms
22ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/css/bootstrap-datepicker.css

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cb3541f348c12fc41868cac044ec45d8948ae6a3bfa7ec5e2826b6b522039a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3647672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1774
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-4326"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAWBe%2Blnc0EYMzUYt7kK4fobtAs5xVvHdoT%2FTpfkIkV3xL26w7ItBQxE1aB2UotQtLqZ8lD%2FUzEFg9NetUOU3gtjDbCmNRQERponxBbL29WttKboI2MS3wh7TnlTBpnoErvfeWoxdidzABCyw79dM%2BDV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834fcff44f8443aa-EWR
expires: Mon, 02 Dec 2024 17:09:00 GMT

GET
H2

200

font.css
www.galaxypromo.bigcityexperience.com/assets/frontend/css/
Redirect Chain

https://galaxypromo.bigcityexperience.com/assets/frontend/css/font.css
https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/font.css

4 KB
615 B

216ms
216ms

Stylesheet
text/css

35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/font.css

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

23b1421ddebd0082590093607b7edca66bef1260dba5aad41985818435481a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 16:23:49 GMT
server: nginx-rc
etag: W/"64076515-e8a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:00 GMT

Redirect headers

location: https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/font.css
date: Wed, 13 Dec 2023 17:09:00 GMT
server: nginx-rc/1.21.4.3
content-length: 174
content-type: text/html

GET
H2

200

local.css
www.galaxypromo.bigcityexperience.com/assets/frontend/css/
Redirect Chain

https://galaxypromo.bigcityexperience.com/assets/frontend/css/local.css
https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/local.css

11 KB
3 KB

235ms
234ms

Stylesheet
text/css

35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/local.css

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

e3ba76878a8f39d6c54fff6433d7318d69857c9a01018203e4240ec8d5e7da91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 13 Mar 2023 09:58:36 GMT
server: nginx-rc
etag: W/"640ef3cc-2ab8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:00 GMT

Redirect headers

location: https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/local.css
date: Wed, 13 Dec 2023 17:09:00 GMT
server: nginx-rc/1.21.4.3
content-length: 174
content-type: text/html

GET
H2

200

responsive.css
www.galaxypromo.bigcityexperience.com/assets/frontend/css/
Redirect Chain

https://galaxypromo.bigcityexperience.com/assets/frontend/css/responsive.css
https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/responsive.css

8 KB
2 KB

234ms
233ms

Stylesheet
text/css

35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/responsive.css

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

e9d1aa83145fd742f7804fec91b174cb7840cf4d6d8af4c8f423f8068e7ec91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 16:23:47 GMT
server: nginx-rc
etag: W/"64076513-1f22"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:00 GMT

Redirect headers

location: https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/responsive.css
date: Wed, 13 Dec 2023 17:09:00 GMT
server: nginx-rc/1.21.4.3
content-length: 174
content-type: text/html

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 40ms
10ms Stylesheet
text/css 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: gzip
via: 1.1 varnish
age: 5477254
x-cache: HIT
content-length: 8323
x-served-by: cache-lga21977-LGA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702487340.204122,VS0,VE0
etag: W/"28feccc0-8c85"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 44333

GET
H2

200

jquery.js Show response
www.galaxypromo.bigcityexperience.com/assets/frontend/js/
Redirect Chain

https://galaxypromo.bigcityexperience.com/assets/frontend/js/jquery.js
https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/jquery.js

86 KB
30 KB

494ms
494ms

Script
application/javascript

35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/jquery.js

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 16:23:10 GMT
server: nginx-rc
etag: W/"640764ee-15851"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:00 GMT

Redirect headers

location: https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/jquery.js
date: Wed, 13 Dec 2023 17:09:00 GMT
server: nginx-rc/1.21.4.3
content-length: 174
content-type: text/html

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 41ms
11ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: gzip
via: 1.1 varnish
age: 7685140
x-cache: HIT
content-length: 124434
x-served-by: cache-lga21977-LGA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702487340.204117,VS0,VE0
etag: W/"28feccc0-7f20a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 67821

GET
H2

200

bootstrap.min.js Show response
www.galaxypromo.bigcityexperience.com/assets/frontend/js/
Redirect Chain

https://galaxypromo.bigcityexperience.com/assets/frontend/js/bootstrap.min.js
https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/bootstrap.min.js

57 KB
15 KB

494ms
493ms

Script
application/javascript

35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/bootstrap.min.js

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 16:23:12 GMT
server: nginx-rc
etag: W/"640764f0-e2d8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:00 GMT

Redirect headers

location: https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/bootstrap.min.js
date: Wed, 13 Dec 2023 17:09:00 GMT
server: nginx-rc/1.21.4.3
content-length: 174
content-type: text/html

GET
H2 200 bootstrap-datepicker.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/js/ 57 KB
13 KB 63ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/js/bootstrap-datepicker.js

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

248043456441d27ebbb2332eb13cb8c59f4bd3d57c048345d2777f51450e8b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2978166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12920
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-e22a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoAWT1uVDQrpM2iSFeoxQkkyT4MHcsioBXL13m1z8VcKtfLpmEaP1kfRHx2153tubzrE48nk%2FyHEEL5JFmJzzNR7qNWRnQt5PLHz34PXGzM8NBGy52LGg2cMcUST25TorfIk2Fgm%2BLePv%2B4QxoYb%2BvvL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834fcff44f8743aa-EWR
expires: Mon, 02 Dec 2024 17:09:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 88ms
39ms Script
text/javascript 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 13 Dec 2023 17:09:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 122ms
73ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GC6Y432Q85

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a335cbdabb9edd90f2daf032d2a8b7d2caec1d86118ba1456d3da945d20d222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 17:09:01 GMT

GET
H2

200

coming_soon.jpg
www.galaxypromo.bigcityexperience.com/assets/uploads/
Redirect Chain

https://galaxypromo.bigcityexperience.com/assets/uploads/coming_soon.jpg
https://www.galaxypromo.bigcityexperience.com/assets/uploads/coming_soon.jpg

96 KB
94 KB

252ms
251ms

Image
image/jpeg

35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.galaxypromo.bigcityexperience.com/assets/uploads/coming_soon.jpg

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

0c19c602ff052fa7630e58a3a0fd5229a96d4a303dc5e0499e5b5d1d75985b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 16:23:55 GMT
server: nginx-rc
etag: W/"6407651b-18183"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:01 GMT

Redirect headers

location: https://www.galaxypromo.bigcityexperience.com/assets/uploads/coming_soon.jpg
date: Wed, 13 Dec 2023 17:09:00 GMT
server: nginx-rc/1.21.4.3
content-length: 174
content-type: text/html

GET
H2

200

loader.gif
www.galaxypromo.bigcityexperience.com//assets/frontend/images/
Redirect Chain

https://galaxypromo.bigcityexperience.com//assets/frontend/images/loader.gif
https://www.galaxypromo.bigcityexperience.com//assets/frontend/images/loader.gif

17 KB
17 KB

252ms
251ms

Image
image/gif

35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.galaxypromo.bigcityexperience.com//assets/frontend/images/loader.gif

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

a266bffb66712aab991ae6dc4869f60ddf744ba0ce680b5fcc4085dc296424dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 16:23:45 GMT
server: nginx-rc
etag: W/"64076511-4530"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:01 GMT

Redirect headers

location: https://www.galaxypromo.bigcityexperience.com//assets/frontend/images/loader.gif
date: Wed, 13 Dec 2023 17:09:00 GMT
server: nginx-rc/1.21.4.3
content-length: 174
content-type: text/html

GET
H2

200

local.js Show response
www.galaxypromo.bigcityexperience.com/assets/frontend/js/
Redirect Chain

https://galaxypromo.bigcityexperience.com/assets/frontend/js/local.js
https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/local.js

1 KB
610 B

434ms
432ms

Script
application/javascript

35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/local.js

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

b4ec040fb256db310d8850b36a8dd5120658093e80678d6336feec8629ff7e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 16:23:11 GMT
server: nginx-rc
etag: W/"640764ef-4ca"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:01 GMT

Redirect headers

location: https://www.galaxypromo.bigcityexperience.com/assets/frontend/js/local.js
date: Wed, 13 Dec 2023 17:09:01 GMT
server: nginx-rc/1.21.4.3
content-length: 174
content-type: text/html

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
62 KB 91ms
42ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PSGXZSS

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6912153b6fab4e3fa8ffa4ea93f864b1501f4231379e5e2d688cc98016d52592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62849
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 17:09:01 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c67c5ccd4ee17ff271a11da5cee70d4560728cdfb6a0d077b69db008820427f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 RobotoCondensed-Regular.ttf
www.galaxypromo.bigcityexperience.com/assets/frontend/fonts/ 134 KB
63 KB 452ms
451ms Font
application/octet-stream 35.200.206.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.galaxypromo.bigcityexperience.com/assets/frontend/fonts/RobotoCondensed-Regular.ttf

Requested by

Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/font.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.200.206.50 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

50.206.200.35.bc.googleusercontent.com

Software

nginx-rc /

Resource Hash

5e8fc3a5a96cfa8580fc574adc43ca521289d388f1ff02997474ad9c41556167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.galaxypromo.bigcityexperience.com/assets/frontend/css/font.css
Origin: https://www.galaxypromo.bigcityexperience.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 16:23:26 GMT
server: nginx-rc
etag: W/"640764fe-2173c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Fri, 12 Jan 2024 17:09:01 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 503 KB
202 KB 247ms
17ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.galaxypromo.bigcityexperience.com/
Origin: https://www.galaxypromo.bigcityexperience.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 16:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 16:09:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 34ms
33ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GC6Y432Q85&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSGXZSS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8d4dea9f906a9d2a11ad6baca8d6730236e9af6eb000ba119731e2b4dcdbb26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89872
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 17:09:01 GMT

GET
H2 200 fg5fkmes2c Show response
www.clarity.ms/tag/ 668 B
1 KB 172ms
39ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fg5fkmes2c?ref=gtm2
Requested by: Host: www.galaxypromo.bigcityexperience.com
URL: https://www.galaxypromo.bigcityexperience.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5a1b2e09a9214169bf4bfd993c765d44e58a9d3d803bf84a38c0a4da08d8f238

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
date: Wed, 13 Dec 2023 17:09:01 GMT
x-azure-ref: 0LeV5ZQAAAAD/LTSBagDiSYIo9z309nnqRVdSMzBFREdFMDUxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 668
expires: -1

POST
H2 204 collect
www.google-analytics.com/g/ 0
270 B 119ms
24ms Ping
text/plain 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GC6Y432Q85&gtm=45je3bt0v899388401z8899376247&_p=1702487341325&gcd=11l1l1l1l1&dma=0&cid=978474800.1702487342&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702487341&sct=1&seg=0&dl=https%3A%2F%2Fwww.galaxypromo.bigcityexperience.com%2F&dt=Home%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2511
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC6Y432Q85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::65 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:09:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.galaxypromo.bigcityexperience.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
20 KB 11ms
11ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fg5fkmes2c?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:01 GMT
content-encoding: br
last-modified: Tue, 12 Dec 2023 14:56:42 GMT
etag: "0x8DBFB228DBA7C2C"
x-azure-ref: 0LeV5ZQAAAABhuxYMyJDSRYY3uOM9oEG2RVdSMzBFREdFMDUxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c70e9c99-001e-0079-1930-2dd2ff000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
317 B 537ms
24ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.galaxypromo.bigcityexperience.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.galaxypromo.bigcityexperience.com
Date: Wed, 13 Dec 2023 17:09:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0389 42 KB
27 KB 66ms
44ms Document
text/html 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdGC-0UAAAAAAxuqZewa0ITglri2_3b-dnueANW&co=aHR0cHM6Ly93d3cuZ2FsYXh5cHJvbW8uYmlnY2l0eWV4cGVyaWVuY2UuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8sj5hpvoom4c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9fe39c48c0ccbc96e7d669f6bf0d7630aee58ba695b28cd9b16495ddeb0b683b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LC8-GKDlqR35wfLLgsE0hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.galaxypromo.bigcityexperience.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LC8-GKDlqR35wfLLgsE0hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:09:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 0389 55 KB
24 KB 56ms
17ms Stylesheet
text/css 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdGC-0UAAAAAAxuqZewa0ITglri2_3b-dnueANW&co=aHR0cHM6Ly93d3cuZ2FsYXh5cHJvbW8uYmlnY2l0eWV4cGVyaWVuY2UuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8sj5hpvoom4c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 08:45:55 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 0389 503 KB
201 KB 71ms
32ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 16:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 16:09:34 GMT

GET
DATA 200
OK truncated
/ Frame 0389 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0389 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0389 2 KB
2 KB 20ms
19ms Image
image/png 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:52:22 GMT
x-content-type-options: nosniff
age: 515800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 14 Dec 2023 17:52:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0389 15 KB
16 KB 72ms
26ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 05:42:11 GMT
x-content-type-options: nosniff
age: 41211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 05:42:11 GMT

GET
H3 200 mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js Show response
www.google.com/js/bg/ Frame 0389 17 KB
7 KB 16ms
15ms Script
text/javascript 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdGC-0UAAAAAAxuqZewa0ITglri2_3b-dnueANW&co=aHR0cHM6Ly93d3cuZ2FsYXh5cHJvbW8uYmlnY2l0eWV4cGVyaWVuY2UuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8sj5hpvoom4c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 10:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6828
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 10:13:46 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0389 102 B
135 B 30ms
29ms Other
text/javascript 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdGC-0UAAAAAAxuqZewa0ITglri2_3b-dnueANW&co=aHR0cHM6Ly93d3cuZ2FsYXh5cHJvbW8uYmlnY2l0eWV4cGVyaWVuY2UuY29tOjQ0Mw..&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=8sj5hpvoom4c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 13 Dec 2023 17:09:02 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=16CCF2576A71486D8A917DDFAA60493D&RedC=c.clarity.ms&MXFR=3ADC6DE5DBBF611110BA7E03DFBF6F1E
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=16CCF2576A71486D8A917DDFAA60493D&MUID=11321CE8F18F6F4D00B20F0EF0ED6E3C

42 B
442 B

20ms
19ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=16CCF2576A71486D8A917DDFAA60493D&MUID=11321CE8F18F6F4D00B20F0EF0ED6E3C
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:09:02 GMT
last-modified: Wed, 30 Aug 2023 15:12:15 GMT
server: Microsoft-IIS/10.0
etag: "3370fe5b54dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:09:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD4D9437465E464A8F99BDD4AA4AFB04 Ref B: EWR311000105009 Ref C: 2023-12-13T17:09:02Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=16CCF2576A71486D8A917DDFAA60493D&MUID=11321CE8F18F6F4D00B20F0EF0ED6E3C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7880 7 KB
1 KB 40ms
39ms Document
text/html 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdGC-0UAAAAAAxuqZewa0ITglri2_3b-dnueANW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

00d05fb0dc326c21eaadf537d56c3fdbd4c197205832adecb01f9b7667ee836d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cy9jIj8Dh86HExhasFOrYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.galaxypromo.bigcityexperience.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Cy9jIj8Dh86HExhasFOrYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 17:09:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 7880 55 KB
24 KB 22ms
21ms Stylesheet
text/css 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdGC-0UAAAAAAxuqZewa0ITglri2_3b-dnueANW

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 08:45:55 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 7880 503 KB
201 KB 20ms
20ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdGC-0UAAAAAAxuqZewa0ITglri2_3b-dnueANW

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 16:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 16:09:34 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
317 B 20ms
20ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.galaxypromo.bigcityexperience.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.galaxypromo.bigcityexperience.com
Date: Wed, 13 Dec 2023 17:09:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
317 B 21ms
21ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.galaxypromo.bigcityexperience.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.galaxypromo.bigcityexperience.com
Date: Wed, 13 Dec 2023 17:09:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 28ms
27ms Ping
text/plain 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GC6Y432Q85&gtm=45je3bt0v899388401&_p=1702487341325&gcd=11l1l1l1l1&dma=0&cid=978474800.1702487342&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702487341&sct=1&seg=0&dl=https%3A%2F%2Fwww.galaxypromo.bigcityexperience.com%2F&dt=Home%20Page&en=scroll&epn.percent_scrolled=90&_et=12&tfd=7528
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GC6Y432Q85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::65 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.galaxypromo.bigcityexperience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 17:09:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.galaxypromo.bigcityexperience.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.galaxypromo.bigcityexperience.com/	1970-01-20 16:54:54	Name: ci_session Value: r7v5mvb41sbdefnhhidcof2t3hueoh54
.bigcityexperience.com/	1970-01-21 02:30:47	Name: _ga Value: GA1.1.978474800.1702487342
.bigcityexperience.com/	1970-01-21 02:30:47	Name: _ga_GC6Y432Q85 Value: GS1.1.1702487341.1.0.1702487341.0.0.0
www.clarity.ms/	1970-01-21 01:40:23	Name: CLID Value: 7e6e39b73af94aa89c80d5f10a9f1998.20231213.20241212
.bigcityexperience.com/	1970-01-21 01:40:23	Name: _clck Value: oritq1%7C2%7Cfhi%7C0%7C1442
.bigcityexperience.com/	1970-01-20 16:56:13	Name: _clsk Value: 1fe845b%7C1702487342376%7C1%7C1%7Ct.clarity.ms%2Fcollect
.bing.com/	1970-01-21 02:16:23	Name: MUID Value: 11321CE8F18F6F4D00B20F0EF0ED6E3C
.c.bing.com/	1970-01-20 17:04:52	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:16:23	Name: SRM_B Value: 11321CE8F18F6F4D00B20F0EF0ED6E3C
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:16:23	Name: MUID Value: 11321CE8F18F6F4D00B20F0EF0ED6E3C
.c.clarity.ms/	1970-01-20 17:04:52	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:54:47	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
code.jquery.com
fonts.gstatic.com
galaxypromo.bigcityexperience.com
t.clarity.ms
use.fontawesome.com
www.clarity.ms
www.galaxypromo.bigcityexperience.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
20.110.205.119
20.114.189.70
2606:4700::6811:190e
2606:4700:e2::ac40:8c0d
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c08::65
2607:f8b0:4004:c08::93
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::61
2620:1ec:bdf::40
2620:1ec:c11::200
2a04:4e42::649
35.200.206.50
00d05fb0dc326c21eaadf537d56c3fdbd4c197205832adecb01f9b7667ee836d
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0c19c602ff052fa7630e58a3a0fd5229a96d4a303dc5e0499e5b5d1d75985b30
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c67c5ccd4ee17ff271a11da5cee70d4560728cdfb6a0d077b69db008820427f
23b1421ddebd0082590093607b7edca66bef1260dba5aad41985818435481a81
248043456441d27ebbb2332eb13cb8c59f4bd3d57c048345d2777f51450e8b8f
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4a335cbdabb9edd90f2daf032d2a8b7d2caec1d86118ba1456d3da945d20d222
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
5a1b2e09a9214169bf4bfd993c765d44e58a9d3d803bf84a38c0a4da08d8f238
5e8fc3a5a96cfa8580fc574adc43ca521289d388f1ff02997474ad9c41556167
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
67e444fc6a7bf05e8cfd7f3b863af5d014e782bf64ddef9d5ac5fceb79e6bc29
6912153b6fab4e3fa8ffa4ea93f864b1501f4231379e5e2d688cc98016d52592
6cb3541f348c12fc41868cac044ec45d8948ae6a3bfa7ec5e2826b6b522039a3
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9fe39c48c0ccbc96e7d669f6bf0d7630aee58ba695b28cd9b16495ddeb0b683b
a266bffb66712aab991ae6dc4869f60ddf744ba0ce680b5fcc4085dc296424dc
b4ec040fb256db310d8850b36a8dd5120658093e80678d6336feec8629ff7e26
c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77
c8d4dea9f906a9d2a11ad6baca8d6730236e9af6eb000ba119731e2b4dcdbb26
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ba76878a8f39d6c54fff6433d7318d69857c9a01018203e4240ec8d5e7da91
e9d1aa83145fd742f7804fec91b174cb7840cf4d6d8af4c8f423f8068e7ec91a

www.galaxypromo.bigcityexperience.com Open in urlscan Pro 35.200.206.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

74 %HTTPS

77 %IPv6

10 Domains

14 Subdomains

13 IPs

2 Countries

1375 kBTransfer

3733 kBSize

13 Cookies

7 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.galaxypromo.bigcityexperience.com Open in urlscan Pro
35.200.206.50 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

74 %
HTTPS

77 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

1375 kB
Transfer

3733 kB
Size

13
Cookies

39 HTTP transactions
3 data transactions