visitroo.com Open in urlscan Pro
104.21.19.248 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://visitroo.com/
Submission: On February 19 via manual (February 19th 2022, 10:45:51 pm UTC) from US — Scanned from US

Summary HTTP 136 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 42 IPs in 3 countries across 41 domains to perform 136 HTTP transactions. The main IP is 104.21.19.248, located in and belongs to CLOUDFLARENET, US. The main domain is visitroo.com.

This is the only time visitroo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
51	104.21.19.248 104.21.19.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.217.165.130 172.217.165.130	15169 (GOOGLE) (GOOGLE)
1	54.230.244.132 54.230.244.132	16509 (AMAZON-02) (AMAZON-02)
2	142.250.72.110 142.250.72.110	15169 (GOOGLE) (GOOGLE)
8	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
2	142.251.40.234 142.251.40.234	15169 (GOOGLE) (GOOGLE)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	184.73.100.94 184.73.100.94	14618 (AMAZON-AES) (AMAZON-AES)
5	142.250.64.99 142.250.64.99	15169 (GOOGLE) (GOOGLE)
1	34.204.113.242 34.204.113.242	14618 (AMAZON-AES) (AMAZON-AES)
2	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1	107.20.140.231 107.20.140.231	14618 (AMAZON-AES) (AMAZON-AES)
4	23.217.18.198 23.217.18.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	169.44.76.76 169.44.76.76	36351 (SOFTLAYER) (SOFTLAYER)
2 6	54.85.224.115 54.85.224.115	14618 (AMAZON-AES) (AMAZON-AES)
1 3	52.85.61.28 52.85.61.28	16509 (AMAZON-02) (AMAZON-02)
1	104.18.28.199 104.18.28.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	76.223.58.180 76.223.58.180	16509 (AMAZON-02) (AMAZON-02)
1 2	52.73.153.177 52.73.153.177	14618 (AMAZON-AES) (AMAZON-AES)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	104.16.138.31 104.16.138.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	217.20.147.3 217.20.147.3	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	104.18.26.71 104.18.26.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 3	18.214.54.215 18.214.54.215	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.195.108.221 23.195.108.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1 2	104.18.101.194 104.18.101.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.85.61.44 52.85.61.44	16509 (AMAZON-02) (AMAZON-02)
2 3	68.67.161.205 68.67.161.205	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	52.85.61.108 52.85.61.108	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.129 199.38.167.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	52.71.162.243 52.71.162.243	14618 (AMAZON-AES) (AMAZON-AES)
1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
13	142.250.64.97 142.250.64.97	15169 (GOOGLE) (GOOGLE)
2	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
1 2	142.251.40.196 142.251.40.196	15169 (GOOGLE) (GOOGLE)
1	142.251.32.99 142.251.32.99	15169 (GOOGLE) (GOOGLE)
136	42

51 104.21.19.248 (None, )

ASN13335 (CLOUDFLARENET, US)

visitroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.244.132 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-244-132.ewr53.r.cloudfront.net

dsms0mj1bbhn4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.110 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.64.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.234 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

m9m6e2w5.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.100.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-100-94.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.64.99 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.113.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-113-242.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.140.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-140-231.compute-1.amazonaws.com

partner.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.217.18.198 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-18-198.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.44.76.76 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 4c.4c.2ca9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.85.224.115 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-224-115.compute-1.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.61.28 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-28.ewr53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.58.180 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aa99c9d83a6ef87e2.awsglobalaccelerator.com

aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.153.177 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-153-177.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.138.31 (None, )

ASN13335 (CLOUDFLARENET, US)

api.bufferapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.147.3 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip3.147.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

api.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.71 (None, )

ASN13335 (CLOUDFLARENET, US)

www.yummly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.214.54.215 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-54-215.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.108.221 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-108-221.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.101.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.61.44 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-44.ewr53.r.cloudfront.net

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.161.205 (Brooklyn, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 799.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.108 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-108.ewr53.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.162.243 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-162-243.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.64.97 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.99 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	visitroo.com visitroo.com	2 MB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	318 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	65 KB
6	ml314.com 2 redirects ml314.com — Cisco Umbrella Rank: 1357	9 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	129 KB
4	owneriq.net px.owneriq.net — Cisco Umbrella Rank: 789	17 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 350	3 KB
3	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 845	2 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 6696 ic.tynt.com — Cisco Umbrella Rank: 4079 de.tynt.com — Cisco Umbrella Rank: 1078	6 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	2 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	stackpathcdn.com m9m6e2w5.stackpathcdn.com — Cisco Umbrella Rank: 19591	99 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	76 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 458	1 KB
2	affec.tv 1 redirects map.go.affec.tv — Cisco Umbrella Rank: 4244	1 KB
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 497	543 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 322	384 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	834 B
2	aggle.net 1 redirects aggle.net — Cisco Umbrella Rank: 7032	607 B
2	shareaholic.com analytics.shareaholic.com — Cisco Umbrella Rank: 19358 partner.shareaholic.com — Cisco Umbrella Rank: 22848	2 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610	83 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	33across.com 1 redirects dp1.33across.com — Cisco Umbrella Rank: 3676	519 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 692	547 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 615	1 KB
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1871	818 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1050	642 B
1	tapad.com tapestry.tapad.com — Cisco Umbrella Rank: 955	497 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 283	449 B
1	yummly.com www.yummly.com — Cisco Umbrella Rank: 50166	683 B
1	vk.com vk.com — Cisco Umbrella Rank: 5435	482 B
1	tumblr.com api.tumblr.com — Cisco Umbrella Rank: 28910	353 B
1	reddit.com www.reddit.com — Cisco Umbrella Rank: 2396	1 KB
1	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 2494	303 B
1	ok.ru connect.ok.ru — Cisco Umbrella Rank: 21839	2 KB
1	bufferapp.com api.bufferapp.com — Cisco Umbrella Rank: 37800	411 B
1	simpli.fi i.simpli.fi — Cisco Umbrella Rank: 3055	789 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	646 B
1	shareaholic.net www.shareaholic.net — Cisco Umbrella Rank: 18957	2 KB
1	cloudfront.net dsms0mj1bbhn4.cloudfront.net	5 KB
136	41

	Domain	Requested by
51	visitroo.com	visitroo.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	visitroo.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	ml314.com	2 redirects partner.shareaholic.com ml314.com visitroo.com
5	fonts.gstatic.com	fonts.googleapis.com
4	px.owneriq.net	partner.shareaholic.com px.owneriq.net visitroo.com
3	secure.adnxs.com	2 redirects visitroo.com
3	ps.eyeota.net	2 redirects visitroo.com
3	sb.scorecardresearch.com	1 redirects partner.shareaholic.com visitroo.com
3	m9m6e2w5.stackpathcdn.com	dsms0mj1bbhn4.cloudfront.net visitroo.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	i.liadm.com	2 redirects
2	map.go.affec.tv	1 redirects visitroo.com
2	p.adsymptotic.com	1 redirects visitroo.com
2	us-u.openx.net	1 redirects px.owneriq.net
2	sync.crwdcntrl.net	1 redirects visitroo.com
2	aggle.net	1 redirects partner.shareaholic.com
2	maxcdn.bootstrapcdn.com	visitroo.com maxcdn.bootstrapcdn.com
2	fonts.googleapis.com	visitroo.com googleads.g.doubleclick.net
2	www.google-analytics.com	visitroo.com www.google-analytics.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	dp1.33across.com	1 redirects
1	pippio.com	visitroo.com
1	p.rfihub.com	1 redirects
1	live.rezync.com	1 redirects
1	de.tynt.com	cdn.tynt.com
1	pixel.mathtag.com	1 redirects
1	tapestry.tapad.com	px.owneriq.net
1	idsync.rlcdn.com	px.owneriq.net
1	www.yummly.com	m9m6e2w5.stackpathcdn.com
1	vk.com	m9m6e2w5.stackpathcdn.com
1	api.tumblr.com	m9m6e2w5.stackpathcdn.com
1	www.reddit.com	m9m6e2w5.stackpathcdn.com
1	api.pinterest.com	m9m6e2w5.stackpathcdn.com
1	connect.ok.ru	m9m6e2w5.stackpathcdn.com
1	api.bufferapp.com	m9m6e2w5.stackpathcdn.com
1	ic.tynt.com	visitroo.com
1	cdn.tynt.com	partner.shareaholic.com
1	i.simpli.fi	partner.shareaholic.com
1	partner.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	analytics.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	www.shareaholic.net	dsms0mj1bbhn4.cloudfront.net
1	dsms0mj1bbhn4.cloudfront.net	visitroo.com
136	47

This site contains links to these domains. Also see Links.

Domain
www.pinterest.com
www.youtube.com
twitter.com
plus.google.com
www.facebook.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-31` - `2022-05-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.shareaholic.net R3	`2022-01-30` - `2022-04-30`	3 months	crt.sh
shareaholic.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.shareaholic.com R3	`2022-01-26` - `2022-04-26`	3 months	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
aggle.net Amazon	`2021-11-07` - `2022-12-06`	a year	crt.sh
api.bufferapp.com DigiCert SHA2 Secure Server CA	`2020-06-24` - `2022-08-16`	2 years	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2021-02-18` - `2022-03-21`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
tumblr.com DigiCert SHA2 Extended Validation Server CA	`2020-07-09` - `2022-04-14`	2 years	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://visitroo.com/
Frame ID: D06747E7519A58D568973DED98745684
Requests: 101 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Frame ID: 90F8007E113B982CF1B08CB5C1FFC560
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=2366104698&adf=1524467814&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741865&bpp=5&bdt=453&idt=152&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=4142132405610&frm=20&pv=2&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bEH9Ibkgln&p=http%3A//visitroo.com&dtd=187
Frame ID: 8C8852403B78190B555B26A4CDECA1A3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197
Frame ID: 0DCEE92267281FC5F200167C3D57F0E4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&adk=1812271804&adf=3025194257&lmt=1645310742&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fvisitroo.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1645310741914&bpp=1&bdt=501&idt=172&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C970x250&nras=1&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=178
Frame ID: 44AFF1E7B59D488477508C6D6B797C12
Requests: 1 HTTP requests in this frame

Frame: https://aggle.net/ifrsync?pid=PP7C66WR6&puid=578c2454-fba7-4180-a53e-d7d5e6d4950a
Frame ID: 0C3032B9E18455DBA26C971282A0AA5F
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/eps?pt=sholic&pid=1693&uid=Q6985971421360981965J&l=true
Frame ID: 0B2782C089E9E00AF3D3E5A2CE8F2672
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E9333A53D87D857A7EC405B7CADAE3FB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
Frame ID: 45B13219EB4DC9C16F19C3287308DD6E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
Frame ID: 50C963302D3EADC808F84A84EC75C8BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3E3F2D3A6443ADCB9385EE256B718184
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65B986CB58C1387A1461C9CE507A1E13
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Visit Quintana Roo, Yucatan Peninsula, Cenote Mexico, Tulum, Cozumel

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

50 %
HTTPS

0 %
IPv6

41
Domains

47
Subdomains

42
IPs

3
Countries

2877 kB
Transfer

3968 kB
Size

56
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pinterest.com/goroomx/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCS9HEKIRjUQ1q2HEhcL4L6w

Search URL Search Domain Scan URL

URL: https://twitter.com/GorooMexico

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/+GorooMx1/posts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/goroomx

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 80

https://aggle.net/iframe?pid=PP7C66WR6&puid=578c2454-fba7-4180-a53e-d7d5e6d4950a HTTP 301
https://aggle.net/ifrsync?pid=PP7C66WR6&puid=578c2454-fba7-4180-a53e-d7d5e6d4950a

Request Chain 81

https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=578c2454-fba7-4180-a53e-d7d5e6d4950a HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/tpid=578c2454-fba7-4180-a53e-d7d5e6d4950a

Request Chain 82

https://sb.scorecardresearch.com/b?c1=7&c2=19376307&c3=1&ns__t=1645310742241&ns_c=UTF-8&cv=3.5&c8=Visit%20Quintana%20Roo%2C%20Yucatan%20Peninsula%2C%20Cenote%20Mexico%2C%20Tulum%2C%20Cozumel&c7=http%3A%2F%2Fvisitroo.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=19376307&c3=1&ns__t=1645310742241&ns_c=UTF-8&cv=3.5&c8=Visit%20Quintana%20Roo%2C%20Yucatan%20Peninsula%2C%20Cenote%20Mexico%2C%20Tulum%2C%20Cozumel&c7=http%3A%2F%2Fvisitroo.com%2F&c9=

Request Chain 97

https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q6985971421360981965J HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537073059&val=Q6985971421360981965J

Request Chain 98

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=22NcC3dp-rBManICA6Ak_2sfVdfaKWp8EhpYdBdcZUzM&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ml314.com/csync.ashx?fp=22NcC3dp-rBManICA6Ak_2sfVdfaKWp8EhpYdBdcZUzM&person_id=3625259579801075736&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 99

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=3625259579801075736%26eid=50220 HTTP 302
https://ml314.com/csync.ashx?fp=19ff6211-7316-4300-ae23-169053af578c&person_id=3625259579801075736&eid=50220

Request Chain 102

https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&_rand=1645310742428.1 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&_rand=1645310742428.1&_expected_cookie=fba7e93aef764fa909ae503c1860f3e6

Request Chain 103

https://map.go.affec.tv/map/3a/?pid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&ts=1645310742428.2 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62117316d6bfb40001f2e25a%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 302
https://map.go.affec.tv/map/an/8929090037869049794?ch=62117316d6bfb40001f2e25a&chc=tt&floc=&redirect_url=

Request Chain 104

https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKS2IRcxZIziFAJleaAg%3D%3D&pcat=Travel&pdev=&pctry=US&referrer=http%3A%2F%2Fvisitroo.com%2F&us_privacy=&33random=1645310742428.3 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=1a373165-8b19-458d-853d-b6f30f2070e0%3A1645310742.54&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D1a373165-8b19-458d-853d-b6f30f2070e0%253A1645310742.54%26pid%3D500040%26it%3D1%26iv%3D1a373165-8b19-458d-853d-b6f30f2070e0%253A1645310742.54 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=1a373165-8b19-458d-853d-b6f30f2070e0%3A1645310742.54&pid=500040&it=1&iv=1a373165-8b19-458d-853d-b6f30f2070e0%3A1645310742.54 HTTP 303
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=1a373165-8b19-458d-853d-b6f30f2070e0:1645310742.54&pid=500040&_li_chk=true&iv=1a373165-8b19-458d-853d-b6f30f2070e0:1645310742.54&previous_uuid=e15c9d8fcf4245a79252167ca5beddcd HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&iv=1a373165-8b19-458d-853d-b6f30f2070e0:1645310742.54

Request Chain 105

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&random=1645310742428.4 HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=1917005985433&seg_code=33x&random=1645310742 HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D1917005985433%26seg_code%3D33x%26random%3D1645310742

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

136 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
visitroo.com/ 23 KB
7 KB 373ms
349ms Document
text/html 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae7de70606d863a0d10537e40109e5c9534035a32713c8abaf09cfbeb2a3ebd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

Date: Sat, 19 Feb 2022 22:45:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5exaz6vLcweReyR6Mx8Z43ygYKp1C07P%2FNhPZgjmlboe4K1YYUF%2BRJ1UL5p09m7PkmzIWbfHMIw3AKD9LpPVzSJGt8CVdNUhBUKLEMeZuAotApA6yuy9MLUbGF%2BzIg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6e0306e3aecc17ad-EWR
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
visitroo.com/css/site/ 21 KB
6 KB 18ms
18ms Stylesheet
text/css 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://visitroo.com/css/site/main.css?v=208
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8db139e6da6b29118761f93ecd10353ddba7ef362979f316cc7bdfa9572d509

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 89591
Cf-Polished: origSize=28684
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 06 Mar 2019 18:58:10 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55KNAegbLhUYP3o6xQS3KS9lmbp5ZBbLBPcohJV4eUOmkU8Hbjos7f9uIGK5cdpnraE8O6FqVledIBJdibEQIPkYZnHB1wHXzdp44BNHbvyKAyI8T0jYz402a3G1O78%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Expires: Sun, 20 Mar 2022 21:52:30 GMT
Cache-Control: max-age=2592000
CF-RAY: 6e0306e5fb0c17ad-EWR
Cf-Bgj: minify

GET
H/1.1 200
OK jquery.min.js Show response
visitroo.com/js/jquery/ 90 KB
33 KB 356ms
352ms Script
text/js 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://visitroo.com/js/jquery/jquery.min.js?v=192
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:41 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 16 May 2014 18:05:17 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WX%2F3a23THYAWtvTRVee1tWck8r42gkLdkfyGORsmOKXNrO36r5m%2BqNmtjw5P79N%2BwXtdmr%2B4ot1Yjyum7n28rPokrinmbUlMs4a1nl%2FCiEmmHA7FNoD8SisTr831WoE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/js
Cache-Control: max-age=5184000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306e5fb8a32f4-EWR
Content-Length: 32776
Expires: Wed, 20 Apr 2022 22:45:41 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
53 KB 38ms
35ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: visitroo.com
URL: http://visitroo.com/

Protocol

HTTP/1.1

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

cafe /

Resource Hash

5db0bfe61bd184aff8494fba4db71b10dc5b310be381a1c78a0458e00d7b7381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 19 Feb 2022 22:45:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5411116441078059907
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 53631
X-XSS-Protection: 0
Expires: Sat, 19 Feb 2022 22:45:41 GMT

GET
H/1.1 200
OK 1400993661_83915.jpg
visitroo.com/img/mx/e/ 63 KB
63 KB 511ms
510ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/e/1400993661_83915.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc207fcedfaeae154cb19a716cba883042582f916f5afb40316286fae2d3cdfa

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 25 May 2014 04:54:21 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6m7dS00yyvPzi%2B1atVZfDIM1G5ibzVvYhB3Pbg2cz0W45%2F654uD%2FZ3abRVE%2FgYLPUcjaZoUI3%2BWMDARfc%2FoLfJai7pQg173%2BEU9KjReUJBODP%2F4%2Fy%2Bz1goIHIu08sc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306e65be817ad-EWR
Content-Length: 64281
Expires: Sun, 19 Feb 2023 22:45:41 GMT

GET
H/1.1 200
OK 1401389365_74856.jpg
visitroo.com/img/mx/e/ 51 KB
52 KB 434ms
434ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/e/1401389365_74856.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e874bb1b36354260953c3c17520cd271a2d70adacd414722193b40802968a2

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 29 May 2014 18:49:25 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtBWf1zFMeRUDPa5RLzIbAcXfIKQ8j1MmstWHYynEXMIV6cTEcxoCfBE8nwF8tgcIkHZgjPn32iTGOaMRVxXe1iVf01mtgo1S4Xl83zj5ZkZbQPzzU48rqNIzkxyuOU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306e8384332f4-EWR
Content-Length: 52291
Expires: Sun, 19 Feb 2023 22:45:41 GMT

GET
H/1.1 200
OK 1398789611_81224.jpg
visitroo.com/img/mx/j/ 50 KB
50 KB 434ms
431ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/j/1398789611_81224.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 555efe40ce2612e5824a6f0e1aa9c1cc28d648b25aff825fff852a52ef8be53e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Tue, 29 Apr 2014 16:40:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8LsCRTNit9WqFKazkIW7qfVphTgg2ae6ZyZDFnfT510Vk4VXX%2BS4A52uZkm%2FViqfLFwSZhOJM4f7M4weTmVSrKd9CV%2Fhn5eKCyW7pe3j3o5LZwQjVx75jc0xNRQOag%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306e84ed317f1-EWR
Content-Length: 50786
Expires: Sun, 19 Feb 2023 22:45:41 GMT

GET
H/1.1 200
OK 1454687888_85455.jpg
visitroo.com/img/mx/e/ 58 KB
59 KB 549ms
545ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/e/1454687888_85455.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75666e6fb52457b49f0293bb7832a42f8196f67552493f80f9f85c41521ba6f6

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 05 Feb 2016 15:58:08 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjzgnWqeRCcCQkeqtVHCGaIzqh8KHRoue3kvpxF7igMoEEfkluCkW5CqggFCGxIewUBf3QcdblzWkL1LEhflZd45nCED6MfoqkRn0Wrrij6f7tVVD0CQqFdF0mCIDBY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306e84a8519c3-EWR
Content-Length: 59546
Expires: Sun, 19 Feb 2023 22:45:41 GMT

GET
H/1.1 200
OK 1490887018_72803.jpg
visitroo.com/img/mx/j/ 48 KB
49 KB 423ms
419ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/j/1490887018_72803.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8d225dabaaa86f4ebd1a261a2c5b060a6bbd4ea7e0f2296d6ecf2b2eff9a92

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 30 Mar 2017 15:16:58 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJnFwwFOoUTl8%2BcJ2M8zz%2B4SiEhob3M2zDevwxFZhL6Sc%2B7b0n9P%2FqGJCye1nrGF%2FtOCysfL8t%2Ff6fWJ%2FS2nR1RAUErrkhFAbekJugVcSRkoQx9eRARli%2FiQkM%2F4IyM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306e84e3ceff1-EWR
Content-Length: 49137
Expires: Sun, 19 Feb 2023 22:45:41 GMT

GET
H/1.1 200
OK 1399652287_36799.jpg
visitroo.com/img/mx/a/ 62 KB
62 KB 560ms
556ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/a/1399652287_36799.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07537e28f42815647251bec0059d8c055bf2cf2223e8a929e3843a3890f399e0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 09 May 2014 16:18:07 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vjufdZjRNG972ustFHgeHr0VhGnIDc2vxzD7xxRV5jBpTjiQp7kg67GP9hL%2B4Y%2Fg%2FB2Daqlg1np6z4WOSzRd5mzRlpjNK3sfLD%2Fb3oShPzTdHTMSUbYAAVDbIr8ltk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306e859338cda-EWR
Content-Length: 63096
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK 1399668730_74290.jpg
visitroo.com/img/mx/h/ 72 KB
72 KB 869ms
869ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/h/1399668730_74290.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f91087c9c346c82402e4d84c3411387bcabc89ef275cb8dc3e7b13859aff0b0b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 09 May 2014 20:52:10 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSDZoa1%2F1UtNTP02ctAhPJtLHoj2DGA6Jbze%2BTuowKiytXA3AM%2Bxb%2Ffut30vIm58RU3kIOLQRHWjKJulsuiV25QkXkBCTpB76IBJBINK1cXAVJ6yaRfZEMSTFqhWM44%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f22f6ceff1-EWR
Content-Length: 73392
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK 1428417927_66624.jpg
visitroo.com/img/mx/h/ 38 KB
39 KB 562ms
562ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/h/1428417927_66624.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc16507c2f5a3b3e5ffeab2ede8de21381fa1420e281a7b941e17fe57bb5854a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Apr 2015 14:45:28 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZKpGnjmCZB8ECSbpigGTNVCc0aBXn0nqCNiS8lFUmYgYuG7N6piyXJ%2FvDDbIZNIy2%2BEcDzt4eLqHNLL9MvZHRhFnY00gpuf7a7OXYZNajqhYf37JZBP06OJck6quJ0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f3ac5217f1-EWR
Content-Length: 39024
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK 1399668641_17514.jpg
visitroo.com/img/mx/j/ 53 KB
53 KB 560ms
560ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/j/1399668641_17514.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db21d0584181f7e3238b5121e4f5edfc93be69a57330973224789b12213905b8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 09 May 2014 20:50:41 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BM4%2BsEevsFGH%2FhVdb1dESYkj196DADc8sPJG8oOxhpUnx6FRFqmUPzXvhOxdnBRAq3HKcwA3T5xSqjNaQ0m9GEttFTvHwJBqUqlEqapgO7E%2BD%2BCzAT6UwW06yhb7qtI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f47eb819c3-EWR
Content-Length: 54030
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1402634373_53069.jpg
visitroo.com/img/mx/r/ 56 KB
57 KB 685ms
684ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/r/1402634373_53069.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71122a802e63c143b48c37d78d74947039e508a38e9b3281db8b7ae76b0ace8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 13 Jun 2014 04:39:33 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EC8ZdI%2Fc6Ew8kEpoSnWD9UxLbASuL%2BuMIAb4x4cNe4pUidVJPZ2%2BAI5o0EWxcjwh9uQUNuXhVKkuO3jcOXNwWrlmNBfrbfQPb1tacj0F97bhLx4CL%2B87sYkHnFs%2FiA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f49a4e8cda-EWR
Content-Length: 57625
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1399423506_32576.jpg
visitroo.com/img/mx/e/ 34 KB
35 KB 465ms
465ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/e/1399423506_32576.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 354af3840552d36e53fc45aeaa34b8b5a7d9df9115d783e5783573236259928a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 07 May 2014 00:45:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cvch%2FhIX%2FRjSOISkGmy%2Bd4nwSNXuKJ1AbjEU21Z3igc7rTe9FkhQ4kiynjSCBVmBb1oeQkcOlwjh8cEuAhFRropqRXZU%2FQ5R8AyRmZGWUDzEGyFoC4F%2FcDxORBC6uAE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f5bb3d17ad-EWR
Content-Length: 34936
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1401385235_14953.jpg
visitroo.com/img/mx/b/ 69 KB
70 KB 762ms
761ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/b/1401385235_14953.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20462689c914ecca5ce540b53a19cd341cf6b6a50d51f8127ce9854190e5b412

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 29 May 2014 17:40:35 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSunGt2BzdthrwZusw0cus%2FATA6QV1JPneKmH0zkyZ5QuZB1YD1sglwQnoJiYpOS6FIEvonpXDJH5PUiQcisWF7ypjO0teGcMjFeg1HEsBDIUrUWcL1dIq%2F12yCveyI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f5c8da32f4-EWR
Content-Length: 71135
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1400954665_60154.jpg
visitroo.com/img/mx/l/ 50 KB
51 KB 440ms
439ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/l/1400954665_60154.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65b30515e84a091f4575fb6da61c862430c42ff927b072089fa5bc071e8a45ab

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 24 May 2014 18:04:25 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQJ3D6b08R9PR6QIWZoWJ%2FjkQS2RW1%2B4epK85T%2BfmPebnQD72%2FoQ5GYIYQ9r%2BFoic9pWyU1UvXTKBjE0ijbwbsTnAc4mqpXsF%2F3RwIlUsyRuQHlXnfEzwrqIjTfvnwY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f739f417f1-EWR
Content-Length: 51665
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1402633262_67782.jpg
visitroo.com/img/mx/e/ 65 KB
66 KB 514ms
514ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/e/1402633262_67782.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f30fc75d3a2dcff25d5bc161173576638e416dd1c00c80db20261fa2d23adcb

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 13 Jun 2014 04:21:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyUGX5kOwIb41CaAcE4zcYUMgJWFC5Ftyt3wR9Oatj3Hbu1Ej6Q9n3a7mNBYFmsWbu21ZFDEUy0G3KQGpH8FOGvPxUv6H7dMNECZleo4QFQcH%2BPgUwYiD%2B3CtYJIrck%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f79d1beff1-EWR
Content-Length: 66501
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1400991644_82616.jpg
visitroo.com/img/mx/l/ 57 KB
58 KB 447ms
447ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/l/1400991644_82616.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ae1c85194b403d3b66ba5e3f4e7e7958b73cedbbe3452b8a3815928b6f2e95

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 25 May 2014 04:20:44 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwxMSLDTkBYr7JElKXlg2ctV6qur7pTDLIIz1hV1QEtseN1kKmwnEAIsDGkanuqLbagMyMyDHAVDBYcxLp5eQ0%2FsvHyd605xCq4%2FCbZ33eBXu5jRw7RSeYCq51D67%2FI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f7fc1819c3-EWR
Content-Length: 58675
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1428611636_52043.jpg
visitroo.com/img/mx/h/ 64 KB
64 KB 504ms
504ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/h/1428611636_52043.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 630cefd9bc5de27498646c8c1cbd6e0bf7bf83e16735aba94a4a18683dfebc0e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:44 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 09 Apr 2015 20:33:56 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHV2QoLOMCX7GztCOwliBANK%2FEgikZgJEWT6aJsHAlDAFS2HmwxJjAyxveWIE18mjWInK2oR2M3gHS5pHEB9iXOh3dMwgUuX8uk7D3a96dp6XbyK3fRYeAB51d7jGlU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f898ab17ad-EWR
Content-Length: 65093
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1400346398_22929.jpg
visitroo.com/img/mx/e/ 56 KB
57 KB 569ms
569ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/e/1400346398_22929.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8412935aec3791cb428d6554a8a0655b885b820700e72ea6518301d4ff7857b1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 17 May 2014 17:06:38 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWLXznGxe88ODW5oWcGaEmYHc6u4IBmVvPeAgHC2tJJX5mgwmTkW1SyqLnbr4Iu0%2FiPsgsOrsPFad7DJrOuGnggenvS2oOIbUKDe6KYpROZCkmV81IYqmGwEBX3VATM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f8d8078cda-EWR
Content-Length: 57628
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1428365849_76017.jpg
visitroo.com/img/mx/j/ 53 KB
53 KB 430ms
430ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/j/1428365849_76017.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51bd716f818fa8a7a04bbb043c62a6cdd2942050b50d4f1b261104821f13a186

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Apr 2015 00:17:29 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5fwBBy5dYUHnSGvKXTnBuIosw3JrOBrvHiJ9wgOeBWZYsPWkWjAOIM%2BT8n6cXsC2RxiKZga%2FCpIqvIxGLxhBuMKyGPINvY5Lm0RaqEwMxXS5RIyQCnC0Lf2i8UHsKo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f9ff2917f1-EWR
Content-Length: 53871
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1399651962_70893.jpg
visitroo.com/img/mx/l/ 62 KB
63 KB 523ms
523ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/l/1399651962_70893.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa1c0543fd15ccf4f8a01605e58d910f7b7549edfe382442dec9eed8172d150b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 09 May 2014 16:12:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GS3MuGiUoBg2uU87WAEUNNjLrRNwTNDk2cGVbTDR8ySfEvPj541Rc995IoPl2Enh863al6fbnbC3IcCMcmnR2NBZUdKJd1TeHhaCDc2iQ4iz2e%2B92c4xdL7yw9Kdh4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fa8bf632f4-EWR
Content-Length: 63532
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1398790356_84174.jpg
visitroo.com/img/mx/e/ 57 KB
57 KB 401ms
400ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/e/1398790356_84174.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0efa45269769a3cb6a1a401464df12608d011612b888d50f1951aa7a803059f7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Tue, 29 Apr 2014 16:52:36 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2ME%2Bj9sAorzBmwsbSR%2Bw41bT%2FzuKSE%2BdQ2eXOqK9VYUHbUmlXyB8G%2BrbtGchNQ6JdJq5Lp2ayS0%2BwR0ABxD4iDtnPJ4e2wkwO5Pgv4nA5KZ89IHcf4I22%2BZNe6wZFs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fac89219c3-EWR
Content-Length: 57899
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1398616631_87185.jpg
visitroo.com/img/mx/l/ 56 KB
57 KB 452ms
452ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/l/1398616631_87185.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9642f11a15299f816673b07af13871679394f7c588e6ea54a6b2bcfc288d19

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 27 Apr 2014 16:37:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lg4fCaXuEyjLSEC59sY0L6TxvcbGtxL4JRREd1P4lrDVDLcsj%2Bg%2FwqJ%2Ffqr1MWsxcqwdEkEjB5VR4bYH4Z2ROIdnOXIj6SopiyGKPYC1JRclGNwgpkVDu7zIpNUqexw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fac826eff1-EWR
Content-Length: 57573
Expires: Sun, 19 Feb 2023 22:45:44 GMT

GET
H/1.1 200
OK 1404157107_85168.jpg
visitroo.com/img/mx/n/ 35 KB
36 KB 410ms
409ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/n/1404157107_85168.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ba4ac74c0c46f4a0913ac0662f1f1edba9f6dcad68d7a8cf2ebf6088061657

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 30 Jun 2014 19:38:27 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlZVVYO%2BMiey2uMt34AWAHngwumhAG5CSruU9F%2BqJB5%2BGsbU032%2B3h9GHa6si%2BJOwCniFodwPY%2F9ilSqzMi%2BvhHLluiHclGLdrXizOFz2R9d6Or1%2Bzd62GtBEjCWCew%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fbce2217ad-EWR
Content-Length: 35966
Expires: Sun, 19 Feb 2023 22:45:45 GMT

GET
H/1.1 200
OK 1399062859_98667.jpg
visitroo.com/img/mx/f/ 37 KB
38 KB 435ms
434ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/f/1399062859_98667.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c318df37d8f3ede60cf0862910e1d2df33240eaad3582bf5520502bdeb4d2c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 02 May 2014 20:34:19 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0KbJc9Ik6dGSyLTMfEn3%2BI4xDZP3uNBJnrIuw1xWkUBtsRZbARAxuIuZSMJZh4a8y7iOyAcCijI2JXY1m1wQcdzAqYK9O7qQdz6xFMKv1NaQHj9SNhhJW7mZataaT4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fc69f88cda-EWR
Content-Length: 38394
Expires: Sun, 19 Feb 2023 22:45:45 GMT

GET
H/1.1 200
OK 1428973741_72877.jpg
visitroo.com/img/mx/k/ 55 KB
55 KB 498ms
497ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/mx/k/1428973741_72877.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d8ee68b34c704233d43fea146c3c827d60f23e3d01488c0213add0b9f68cbec

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Tue, 14 Apr 2015 01:09:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAP5Sid7fbcZW32Os59sruHcdLBuSyN%2BVvr2QnPYyQOX1KXhVHjF6a4OjC%2FgDS1EolRYVFHWMZ2HLFl2Tqr0uW9gnjLu7z3DW5yTfQgsdbTU5Ydx2qEisoXiZxW2b58%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fcabfa17f1-EWR
Content-Length: 55939
Expires: Sun, 19 Feb 2023 22:45:45 GMT

GET
H/1.1 200
OK shareaholic.js Show response
dsms0mj1bbhn4.cloudfront.net/assets/pub/ 10 KB
5 KB 19ms
4ms Script
application/javascript 54.230.244.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 54.230.244.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-244-132.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: e2f40b3a8aaf4a2abb1987007547690206251ee187f7594db715cfaebad6b654

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:35:50 GMT
Content-Encoding: gzip
Age: 671
X-Cache: Hit from cloudfront
X-Hello-Human: Join the fun! Apply at www.shareaholic.com/jobs
Content-Length: 4284
Access-Control-Allow-Origin: *
Last-Modified: Wed, 09 Feb 2022 20:54:56 GMT
Server: nginx
Cache-Control: max-age=1200, public
ETag: "879749224dc6aafa8a42879dc68cad9f"
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: ebweZDEZdSeHXYq6IUwqBG_gdPu0_ceYngs05vJKln0XipxxxWp1Ow==

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

16ms
2ms

Script
text/javascript

142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: visitroo.com
URL: http://visitroo.com/

Protocol

Server

142.250.72.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1285
date: Sat, 19 Feb 2022 22:24:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 20 Feb 2022 00:24:16 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK index_bg.jpg
visitroo.com/img/site/ 332 KB
333 KB 681ms
504ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/index_bg.jpg
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9ca74070d8b0437e6549c9e6a73f78a101f9238c1002854a4bb477c479ebc7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:15:38 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rln6l%2FzGsSqIRs4p6Ab5CD6JzALKVtBn9Ng0PDs5ExP0yOZN4by7PfuWcjtf6kkE%2BK%2BlKHAzM60hO%2F9DSHH2kkpqhSNGTTdPD57NxN5j%2FNSvkCXgaIk9uvEViVe%2FLfs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306e989e717ad-EWR
Content-Length: 340387
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK logo.png
visitroo.com/img/site/ 3 KB
3 KB 1489ms
654ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/logo.png?v=4
Requested by: Host: visitroo.com
URL: http://visitroo.com/css/site/main.css?v=208
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b307cb381c097ee54a99733f2e8860ace20e5ce394f14ef72f3b242bf9bf90f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/css/site/main.css?v=208
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 03 Sep 2014 22:08:52 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkK8P063h%2FV0RWdexIdme8VmnDqrctjXycg8TAlPO%2BNCKQyiyWz9K9SGV5rECBKyvQG%2BvccliOwtuI%2BnVPYL8I9LnovClYsp0HuZJ20PxXBRA6B1DvOzTxcedGi6Ebk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306eda8b68cda-EWR
Content-Length: 2854
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK restaurants.png
visitroo.com/img/site/cats/ 4 KB
5 KB 1521ms
347ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/restaurants.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8d5dbc709a15b69ef15aca8294424911fe5d3b708fb922ea32a4b37fb594cf0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:16:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Bxxn2V%2F3roeHrjjpLCPKX2tUB4hWfcjH1vVxym6ofBIFjEanEfO2O8iMYNlgpEnVWTkFEieG%2FD0MygIVTuWb%2FbQZoNxurUQWOeA7zvdVhJiQe5fkcDWrmjAUimcuXE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306efcb4932f4-EWR
Content-Length: 4131
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK hotels.png
visitroo.com/img/site/cats/ 2 KB
3 KB 1279ms
117ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/hotels.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6971ea48c0ce9c5f9fcb4f55d2182504a0c7eb967bd2c6839a8dbcf70c2e3d4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:16:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDz9cehzs6VRarv%2Bg7r%2Bz317ewqwS6sca%2Bb165TUY89%2Fryd4qL7V%2Bv6U%2BsfXwSihu6XnoH1bp%2FosrU420yYgddPCReXc7bWEIgIL8FnjyWluWE6lVVN5%2FBJqejVZewc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306efbd7417f1-EWR
Content-Length: 1999
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK thingstodo.png
visitroo.com/img/site/cats/ 5 KB
5 KB 1919ms
425ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/thingstodo.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f9be9aa3486ef0ea2c9cd1bcaec3e188dfdf89554c7bc759a64abce7b9f9f0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:17:00 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4NZW%2Fv3MGfwtm9FqQeTxP4Ye2QOAWvoAd86FaxTXd5XGwiVK9HktslHibT3ZgfbbkX9QPohzT0%2BIikDIqGsQ%2Fk4gmt4xdSTGiNJvsK7GjWVTGuKXYvTr73lEW3GToE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f1da9419c3-EWR
Content-Length: 4778
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK nightlife.png
visitroo.com/img/site/cats/ 4 KB
4 KB 1494ms
571ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/nightlife.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1673658707ae82627cbcf39dad47afa27da81939c5a8797a114867042bb87674

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:16:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cv%2BYZBiHg%2B%2BjMhOfOoEcn5RAzfeTTMoQSKJYyfWrpGVpm3%2BvCFWYpL5O7tgMKXzeGUpmU3pRxaQXPf9GvAtojyH4LEc8asHIA7RKLNPNtEAKvSaMWji641ob1FOCxOA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306ee3c5519c3-EWR
Content-Length: 3645
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK education.png
visitroo.com/img/site/cats/ 3 KB
3 KB 1546ms
316ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/education.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cc6bf6ee2d71b885b40cb74dc668b3f3db97a474d0d904ef6a9a9f1b53d1f25

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:16:58 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kCIKVIxYfdM3Zig9HHBFZokC3KsVwCWSft8Lz2SQIenGo3bJL2MhnqoAQBb2duIk5HUNkICAI7EFXPccbSgI%2FRGW1rAEf2Mu5YYCgvBir5cj6JxhKzrMqwnfi8XRcI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f02d93eff1-EWR
Content-Length: 2770
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK health.png
visitroo.com/img/site/cats/ 2 KB
3 KB 1792ms
513ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/health.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6827291927e2e49accc21d6dd6bf5e6dacb1e3093c79f9f0cb96c6771c956f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:16:58 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwGm1T2ECwZ%2FHMLz96hoTB4iz7qRBF386gZop%2FfH%2Bi7u3FaXYsAAd7RiLZOONnC3aCMPIcGmc6fMx6Y%2BX7NXeMeVcCx0fpw%2FKibjpQzN5OHzwcKhWXB1sdqd9pfbp6A%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f07f0117f1-EWR
Content-Length: 1973
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK services.png
visitroo.com/img/site/cats/ 2 KB
3 KB 1497ms
432ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/services.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 813eeae047ec51a3f12a360b7ea335a9b611b29943d8566f6054390b018ca2b4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 21 Sep 2014 15:18:29 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmRKWBBCQpU%2Bv8z0v8Lz2lG%2FhY%2BHpuWyF02lCHWPD%2Fdyukuu0Q7t3BJOYEKkPmE4QjTNelGWF3v%2BomJu2vSThEcDzfg%2BuhjoSvvpG6053OIb%2BSMwYONHtba6%2F7mivJc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306ef1e3917ad-EWR
Content-Length: 2433
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK transportation.png
visitroo.com/img/site/cats/ 2 KB
3 KB 1935ms
444ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/transportation.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f172b86f33fcf9016f97a7d5a9e70e6304829e37f8a007ef253ed98c3991b0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:17:00 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odVDIfrbwLShbVibxX7jKgbAdRG%2FW4IvdYw7q%2B020ctFpVhsrqT2N7q3VAJM%2BCWdA6gE%2BLOQg%2B2HFc7npbM6z5ZNG4ZvHtj%2FvdaokImDMk%2BVp5g2cxvDmUYFhN5WRRM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f1cae58cda-EWR
Content-Length: 1970
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK shopping.png
visitroo.com/img/site/cats/ 4 KB
5 KB 2124ms
602ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/shopping.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c366f5b1225142b6db5eb18312a82015355edf307cdf9a0add0a1500c56f3e7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:17:00 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG%2BbrEW5niOF7xw7GzTf3QZHlp28nmMW1vmMMwYwGHOkIMc1mtzECV3d07TOPzEJ5lAXxAZwxaWT4s4%2BtU3xTEOe3qiQL2xyJW6wIWMJfNdrgPh4Gd%2By8kRlwHutHfQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f1f8ab32f4-EWR
Content-Length: 4103
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK realestate.png
visitroo.com/img/site/cats/ 4 KB
5 KB 215ms
214ms Image
image/png 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/site/cats/realestate.png
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 167e9fc66534f5e0ac22ba9f2cc16193a2bb15ee804b7a17fe7efc5af2823812

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Jun 2014 01:16:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSeY8m7zxJgbFHPwhYg8yKCN5jRO%2FoQwuEythJc0%2FUCFr0FhvtWwCpPYH%2FJ2TPAyvORbyxTfhwdmYTfGsfpUN1DfjHf0csj3207Jc%2FbXqUKG%2F8cuW3hFGvEIAXnUw%2BU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fd4cd319c3-EWR
Content-Length: 4212
Expires: Sun, 19 Feb 2023 22:45:45 GMT

GET
H/1.1 200
OK s_Playa_del_Carmen.jpg
visitroo.com/img/locations/ 25 KB
25 KB 710ms
309ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Playa_del_Carmen.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c43ef3439d4a189378416440f34167941bbd13ee0368abc0ce134afab43e65e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:13 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5do8XqWXlLFFjgStSH3sU2eKVxFZZGzjD5xP82dTm2EGAlazPRZSUJwJdECUrhDNpD9%2B%2BqyHw9gC%2Flh3NjfZu%2FVUTTHwMGdpxz8bvGycvUR%2FPXlu%2BL02pt49hjRlnA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306eafbd917f1-EWR
Content-Length: 25293
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK s_Tulum.jpg
visitroo.com/img/locations/ 45 KB
45 KB 818ms
423ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Tulum.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f2702a110940c13ac68de011f3a9127579411b8c40d3ec768be65d10719c34

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:15 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdrTuVONz3cpeucHNyzoi7F6Z6o0aQDqdpDnihEtMMRCwxbp%2FbPFJTJgQ2dyY0dvUqL86j6CXPY8lftSNT9ediHNPDPlhAdB1iHHFyP86nc3UeB%2FSNq%2Bcq81SjO8y8o%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306eaeeba32f4-EWR
Content-Length: 45716
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK s_Cancun.jpg
visitroo.com/img/locations/ 52 KB
53 KB 921ms
404ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Cancun.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c56d15d7b02cc9adfda76d7767c2380619376f2206b89f427e669d97eeaf583a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:10 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXY5J8%2ByPG4NnzHrdxCJLoeOZwFc%2Fp3zvrC%2FGLLIHOgVIyuMfdqztAOF68QMUrxXY%2FjylFEDxBnofwhnn9%2BQ98ZGHCheah%2Fw1pTfIvQ0cePQRnm02BzhlCZi2Xw0BHY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306ebb88419c3-EWR
Content-Length: 53184
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK s_Cozumel.jpg
visitroo.com/img/locations/ 37 KB
38 KB 791ms
400ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Cozumel.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48746531dc7e441819df4f2783f6e7cdde86bb1402670dd4b6af7ea2c726ef9f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rq%2Bu1uvOw49FQnHXQB%2Flp%2B1m587tSqptqYS%2FpAbWg7Dm9rbDFygCZQF%2BAYfbzu92vBrTP7BDdCwoK0u0Wcw4JcCVkSiSqf2rwZc8l0AUn%2Borflx2KV0BhnIC2CxIuQY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306eae8e7eff1-EWR
Content-Length: 37761
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK s_Holbox.jpg
visitroo.com/img/locations/ 11 KB
12 KB 1174ms
355ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Holbox.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a128dcad321a245fc5fb2caea7f7ba8f393eddf713a5ff873e9860f755d8556a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1ZABNqEiEwxdEt74OQ5pq5kLgzeO8L0qjTH9B2knetV1h9Fv6yzeQWiIFV5CyGMXwtwXEcharRPGIeLij2Pn%2FdY0bZ05rIxNGqwUYhuo%2F9yQx39xpsJxCCLr1Xz78Y%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306ed9d5c32f4-EWR
Content-Length: 11652
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK s_Akumal.jpg
visitroo.com/img/locations/ 24 KB
24 KB 1229ms
437ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Akumal.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43df8f4651490bb1e833377742ddc098ae04b38717430b68a17686ca0545f2dd

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:09 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4acOhxTUaPJKASYyQS9pDI5f1C6Niw72VOZzj0oHpfx1l5XJfyS3PlnpbvqDNz1sZZ2BqZOKhmsv1zAXx3ljv1KShyCwDq%2Bi%2BpcXQItT17U40vTUeiONL%2FTpX8HRIw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306ed6b10eff1-EWR
Content-Length: 24193
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK s_Bacalar.jpg
visitroo.com/img/locations/ 23 KB
23 KB 835ms
307ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Bacalar.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43146e02e07008599eb3a6cfb75149df283363852b8eeb72499a5f4bda097447

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:10 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PutKQbk7PR5Cnmpro%2BF2m17B5zQmJwirn3tsGXoJL1twTDlhFklEZmAOOZfGsADRWszwL5CupGs2OlDdFOGHd12Rt0E2z5dk3TDohJErjOtuABCSE4DTgQ7wyWHl7Y%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306ebcbc78cda-EWR
Content-Length: 23197
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK s_Isla_Mujeres.jpg
visitroo.com/img/locations/ 16 KB
17 KB 1161ms
450ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Isla_Mujeres.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5632b5899309b49f2efef137f5dacfaede79aff746b491a05105d39037151d8f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:12 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcwyuyRCXpDG30UGFREtfcrqbY2NB54%2BugBrRg%2BZrANy%2BCunonYMngFHpm3bk0hUc6e1pKP4EtntZEZdgtEirtuTfCxlDWyUwQpHDEP4d2w%2Bpi0Ul6fYNO8furfaRQ0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306ecef2d17f1-EWR
Content-Length: 16250
Expires: Sun, 19 Feb 2023 22:45:42 GMT

GET
H/1.1 200
OK s_Puerto_Aventuras.jpg
visitroo.com/img/locations/ 18 KB
19 KB 2116ms
618ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Puerto_Aventuras.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e93fba7137fd2c24cfbf538b10e9c49fd8b95e5d7b181f3152a8a10037678f2

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:43 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:14 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPte3YoRKH6rmrcW69ZbBbFjVclV3opUC4y9bkSIh9q33bPCb2cYonFRjYFYkgHWl2Q0IZ0t%2BIm1vr618RcP3%2FDXfAit20ni7phynmPa%2FTEsn%2FhmeLzRrbRewOBxqDM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306f1db5017ad-EWR
Content-Length: 18904
Expires: Sun, 19 Feb 2023 22:45:43 GMT

GET
H/1.1 200
OK s_Puerto_Morelos.jpg
visitroo.com/img/locations/ 18 KB
19 KB 327ms
327ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Puerto_Morelos.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e40b2ffd1f1d4ac003bf08c481d0b2f3db19a03325d0e31c0c9ad9d45dbea930

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:14 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3FoiWWa0OiZ53dRhMLymFRo8UQuFCGDpYdp%2BuaEhZQ8%2BV%2B1gkjcNfOhsXfi%2FjvVAb9o62lP1sSHP95VdrE3ekAzXoLBd%2F3CCJcUAGJOTQD2%2BB7c9eczoDJMVZRWlhM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fd9abfeff1-EWR
Content-Length: 18317
Expires: Sun, 19 Feb 2023 22:45:45 GMT

GET
H/1.1 200
OK s_Mahahual.jpg
visitroo.com/img/locations/ 15 KB
15 KB 309ms
308ms Image
image/jpeg 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://visitroo.com/img/locations/s_Mahahual.jpg?v=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40b6d5468425c78762034d7462921888068523c3701f31e40d7e02eb9b9b069c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 04 Mar 2019 19:34:12 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbGohP%2Fc2t4AsHYyeHfUCpLP7lxLJW1Nojc5Kwxnf%2B919h5vVJTaXnJAOyZc5YnvOMGml%2FJLFQxZGJD82foxcp3zfhW8dQGNRnn3htjjo4f9bWRiaVN%2FaTcKxF%2BXzTE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fdcb1932f4-EWR
Content-Length: 14968
Expires: Sun, 19 Feb 2023 22:45:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame 90F8 10 KB
5 KB 17ms
3ms Document
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sat, 19 Feb 2022 02:51:09 GMT
expires: Sat, 05 Mar 2022 02:51:09 GMT
cache-control: public, max-age=1209600
age: 71672
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
105 KB 54ms
41ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

cafe /

Resource Hash

a47e8f4fccff57e29d17994090597bcb0afd458190a6a36d15f85d01f413de28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106757
x-xss-protection: 0
server: cafe
etag: 457795952330980258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 22:45:41 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 23ms
18ms Stylesheet
text/css 142.251.40.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato:300,400,700,300italic

Requested by

Host: visitroo.com
URL: http://visitroo.com/

Protocol

HTTP/1.1

Server

142.251.40.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f10.1e100.net

Software

ESF /

Resource Hash

5e481439280c9d61ac96f6cd3c3eb8027334fab5f56843ed7cc483cf5d6337da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sat, 19 Feb 2022 22:45:41 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 19 Feb 2022 22:45:41 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 41ms
16ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: visitroo.com
URL: http://visitroo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 23352068
cdn-cachedat: 2021-05-25 10:59:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ab9e345b3ae5311f58f3b95668b7b342
cf-ray: 6e0306e93d908cdd-EWR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1 200
OK main.js Show response
visitroo.com/js/ 3 KB
2 KB 224ms
223ms Script
text/js 104.21.19.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://visitroo.com/js/main.js?v=208
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 104.21.19.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26e5953ad83fb1d65bbfb35830d52216e6cbda8b27d7f01b9d869a3e6e478b75

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Tue, 05 Mar 2019 16:11:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hv3TR33IlGeMwMTsahoAjCartHaKBwKPCR7NZ1k355bDtMr3c7qlTKMovD71zDAVJK2CPD78%2FIxUOXd%2FYsuyOS%2FqrL9G5KNoIxpEwDESmAt0SBt2mOKKC5PWxf97F%2Bo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/js
Cache-Control: max-age=5184000
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6e0306fe5a6517ad-EWR
Content-Length: 1333
Expires: Wed, 20 Apr 2022 22:45:45 GMT

GET
H2 200 main.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 148 KB
41 KB 21ms
7ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Requested by: Host: dsms0mj1bbhn4.cloudfront.net
URL: http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 59b04a15dacf5d7c6befe6dd8f0c26a66bfab4ac12cf05b7d9acd177e22f5b03

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:41 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:53 GMT
server: nginx
x-amz-request-id: NFB49KNGRGY1YFX2
etag: "88fa1ed2ddaaae4bf29d6c2a0672314d"
x-hw: 1645310741.cds036.ny3.hn,1645310741.cds050.ny3.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 41836
x-amz-id-2: HePZJCSNFUOhrCXRPUbrxu5S1nhbgH3/YLE4IrdrYwEBjmZFAYqLDzXrMDSe198oV2+ZRwpicaU=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 16ms
15ms XHR
text/plain 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1749368713&t=pageview&_s=1&dl=http%3A%2F%2Fvisitroo.com%2F&ul=en-us&de=UTF-8&dt=Visit%20Quintana%20Roo%2C%20Yucatan%20Peninsula%2C%20Cenote%20Mexico%2C%20Tulum%2C%20Cozumel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1325521530&gjid=1575410421&cid=888850637.1645310742&tid=UA-9697326-5&_gid=407592143.1645310742&_r=1&_slc=1&z=1180301820

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://visitroo.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:45:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://visitroo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99fb165d14b04a94515bfa1e9d8b7bb.json Show response
www.shareaholic.net/config/ 5 KB
2 KB 45ms
14ms XHR
application/json 184.73.100.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/e99fb165d14b04a94515bfa1e9d8b7bb.json
Requested by: Host: dsms0mj1bbhn4.cloudfront.net
URL: http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-100-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 82236ffb1856b452f5a25e4293b31847f85764d82618284fb5d1acc49525597e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-client-geo-country: US,United States
date: Sat, 19 Feb 2022 18:06:06 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-length: 1455
server: nginx
x-client-geo-region: NY,New York
x-client-geo-metrocode: 501
etag: W/"82236ffb1856b452f5a25e4293b31847"
access-control-max-age: 2000
x-client-geo-city: New York
x-varnish: 752877111 750409186
via: 1.1 varnish (Varnish/6.0)
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-zip: 10013
accept-ranges: bytes
content-type: application/json
access-control-allow-headers: *
x-client-geo-latlong: 40.715700,-74.000000

GET
H/1.1 200
OK S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 6ms
3ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:300,400,700,300italic

Protocol

HTTP/1.1

Server

142.250.64.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://visitroo.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 00:13:46 GMT
X-Content-Type-Options: nosniff
Age: 253915
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23040
X-XSS-Protection: 0
Last-Modified: Wed, 26 Jan 2022 19:21:19 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 17 Feb 2023 00:13:46 GMT

GET
H/1.1 200
OK S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v22/ 17 KB
18 KB 6ms
3ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v22/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:300,400,700,300italic

Protocol

HTTP/1.1

Server

142.250.64.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://visitroo.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 00:33:55 GMT
X-Content-Type-Options: nosniff
Age: 252706
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 17728
X-XSS-Protection: 0
Last-Modified: Wed, 26 Jan 2022 19:19:39 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 17 Feb 2023 00:33:55 GMT

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 4ms
3ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:300,400,700,300italic

Protocol

HTTP/1.1

Server

142.250.64.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://visitroo.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 21:06:51 GMT
X-Content-Type-Options: nosniff
Age: 265130
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23580
X-XSS-Protection: 0
Last-Modified: Wed, 26 Jan 2022 19:14:03 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 16 Feb 2023 21:06:51 GMT

GET
H/1.1 200
OK S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 3ms
3ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:300,400,700,300italic

Protocol

HTTP/1.1

Server

142.250.64.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://visitroo.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 00:13:47 GMT
X-Content-Type-Options: nosniff
Age: 253914
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23236
X-XSS-Protection: 0
Last-Modified: Wed, 26 Jan 2022 19:18:07 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 17 Feb 2023 00:13:47 GMT

POST
H2 200 e
analytics.shareaholic.com/ 43 B
636 B 41ms
12ms Ping
image/gif 34.204.113.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.113.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-113-242.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: http://visitroo.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:45:42 GMT
vary: Origin
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin: http://visitroo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-security-policy: referrer always
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 56ms
51ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://visitroo.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 718
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 14:35:37
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d46de954ae57a42575bd8597b3099fd4
accept-ranges: bytes
cf-ray: 6e0306e9bfe48c6b-EWR
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
646 B 31ms
16ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=visitroo.com&callback=_gfp_s_&client=ca-pub-7446323077007767

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

b11861acd537aeca2bebd767e081e25592385ebbbfab36be9b3d0c8b32ee856c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
24ms Script
application/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=visitroo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C88 69 KB
28 KB 492ms
481ms Document
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=2366104698&adf=1524467814&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741865&bpp=5&bdt=453&idt=152&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=4142132405610&frm=20&pv=2&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bEH9Ibkgln&p=http%3A//visitroo.com&dtd=187

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

c79072a0f5224b5b5889cae1d8ee33e7ddd8474c210f24a8138bcb5f5c6a87cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 19 Feb 2022 22:45:42 GMT
server: cafe
content-length: 28627
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 22:45:42 GMT
cache-control: private

GET
H2 200 buttons.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 179 KB
37 KB 9ms
8ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/buttons.js
Requested by: Host: dsms0mj1bbhn4.cloudfront.net
URL: http://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8123dc2bf66e2ac6977d94fe97c53156eeccde550b99431793c630e765897aee

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:54 GMT
server: nginx
x-amz-request-id: NFB2TQ0PKF4N07B3
etag: "49e3d95d37cfa985c04180587e25647b"
x-hw: 1645310742.cds036.ny3.hn,1645310742.cds076.ny3.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 37579
x-amz-id-2: 41CyigLuzTQn7/nYl7JAl5ek+10YUQYUdhQyr1/KsChb1iMZ7aT+ymqqNZoLyeYpUnnPy8eYpr0=

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 2 KB
2 KB 54ms
27ms Script
application/javascript 107.20.140.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fvisitroo.com%2F&id_sync=578c2454-fba7-4180-a53e-d7d5e6d4950a&minify=1&pvs=1&site=e99fb165d14b04a94515bfa1e9d8b7bb
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.140.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-140-231.compute-1.amazonaws.com
Software: /
Resource Hash: 4d2ebf73008723e10d928cd12d3d42759dbdc3674cf32f858cbc15b912dd48ce

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript;charset=utf-8
content-length: 994
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DCE 92 KB
32 KB 936ms
936ms Document
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3445f2864a27ea2c0db92f8cb3890ebdd764b2b1cdb35d6cc91a3c242806cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 19 Feb 2022 22:45:43 GMT
server: cafe
content-length: 32318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 22:45:43 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44AF 0
19 B 132ms
131ms Document
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&adk=1812271804&adf=3025194257&lmt=1645310742&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fvisitroo.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1645310741914&bpp=1&bdt=501&idt=172&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C970x250&nras=1&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=178

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 19 Feb 2022 22:45:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 22:45:42 GMT
cache-control: private

GET
H2 200 shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/ 20 KB
20 KB 16ms
7ms Font
font/woff 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

Referer: http://visitroo.com/
Origin: http://visitroo.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 17:41:10 GMT
server: nginx
x-amz-request-id: 7GX3B7Z1AT9BNC76
etag: "0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
x-hw: 1645310742.cds061.ny3.hn,1645310742.cds040.ny3.c
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 20572
x-amz-id-2: 39X4WTFZt5Z5SwYqtP0IZiCadze/5GJir6DJovbHATYiyovA+QOsA58fN87ifk9XaCccX749pyc=

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK sholic.js Show response
px.owneriq.net/stas/s/ 14 KB
14 KB 41ms
5ms Script
text/javascript 23.217.18.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/stas/s/sholic.js
Requested by: Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fvisitroo.com%2F&id_sync=578c2454-fba7-4180-a53e-d7d5e6d4950a&minify=1&pvs=1&site=e99fb165d14b04a94515bfa1e9d8b7bb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.217.18.198 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-18-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: de77c956fbb1f507dbc131ece6ae193fa6fe0f4c6337ece817d7ccbd157c52d3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
Content-Type: text/javascript
X-Powered-By: PHP/5.3.3
Content-Length: 14462
Expires: Sat, 19 Feb 2022 22:45:42 GMT

GET
H2 200 dpx.js Show response
i.simpli.fi/ 0
789 B 148ms
46ms Script
application/javascript 169.44.76.76
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=66111&m=0&sifi_tuid=37828&referrer=http%3A%2F%2Fvisitroo.com%2F

Requested by

Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fvisitroo.com%2F&id_sync=578c2454-fba7-4180-a53e-d7d5e6d4950a&minify=1&pvs=1&site=e99fb165d14b04a94515bfa1e9d8b7bb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.44.76.76 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

4c.4c.2ca9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Sat, 19 Feb 2022 22:45:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: FtVRZyW95djyF7sD2TQE
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK taglw.aspx Show response
ml314.com/ 13 KB
6 KB 60ms
10ms Script
application/javascript 54.85.224.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/taglw.aspx?191
Requested by: Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fvisitroo.com%2F&id_sync=578c2454-fba7-4180-a53e-d7d5e6d4950a&minify=1&pvs=1&site=e99fb165d14b04a94515bfa1e9d8b7bb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-224-115.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d4704b8d71ddb11722acdc84c73f8296a25b3011be8e22f0a8cb12f1a0bb1a3b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:41 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=86400
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 39ms
7ms Script
application/javascript 52.85.61.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fvisitroo.com%2F&id_sync=578c2454-fba7-4180-a53e-d7d5e6d4950a&minify=1&pvs=1&site=e99fb165d14b04a94515bfa1e9d8b7bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-28.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 17:43:31 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 85831
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: CNSofmPCM834RYsTdhgo1XAhexBekiqpRtnQyAr-Hbu9vO91_aSRVQ==

GET
H2 200 afsh.js Show response
cdn.tynt.com/ 10 KB
4 KB 57ms
16ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afsh.js
Requested by: Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fvisitroo.com%2F&id_sync=578c2454-fba7-4180-a53e-d7d5e6d4950a&minify=1&pvs=1&site=e99fb165d14b04a94515bfa1e9d8b7bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad78de3742c4c88ee9a0fe90a6c6274802ecc204eb805ec0da0cbf402b06626d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 220926
etag: W/"6129520b-2881"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6e0306eb08231a30-EWR
expires: Tue, 22 Feb 2022 22:45:42 GMT

GET
H2

200

ifrsync Show response
aggle.net/ Frame 0C30
Redirect Chain

https://aggle.net/iframe?pid=PP7C66WR6&puid=578c2454-fba7-4180-a53e-d7d5e6d4950a
https://aggle.net/ifrsync?pid=PP7C66WR6&puid=578c2454-fba7-4180-a53e-d7d5e6d4950a

26 B
480 B

78ms
78ms

Document
text/html

76.223.58.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/ifrsync?pid=PP7C66WR6&puid=578c2454-fba7-4180-a53e-d7d5e6d4950a
Requested by: Host: partner.shareaholic.com
URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fvisitroo.com%2F&id_sync=578c2454-fba7-4180-a53e-d7d5e6d4950a&minify=1&pvs=1&site=e99fb165d14b04a94515bfa1e9d8b7bb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.58.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa99c9d83a6ef87e2.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-type: text/html; charset=utf-8
content-length: 26
server: gunicorn
p3p: CP="NOI OUR BUS UNI COM NAV"
cache-control: no-cache
expires: Sat, 19 Feb 2022 22:45:43 GMT

Redirect headers

server: awselb/2.0
date: Sat, 19 Feb 2022 22:45:42 GMT
content-type: text/html
content-length: 134
location: https://aggle.net:443/ifrsync?pid=PP7C66WR6&puid=578c2454-fba7-4180-a53e-d7d5e6d4950a

GET
H2

200

tpid=578c2454-fba7-4180-a53e-d7d5e6d4950a
sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/
Redirect Chain

https://sync.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=578c2454-fba7-4180-a53e-d7d5e6d4950a
https://sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/tpid=578c2454-fba7-4180-a53e-d7d5e6d4950a

49 B
543 B

28ms
28ms

Image
image/gif

52.73.153.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/tpid=578c2454-fba7-4180-a53e-d7d5e6d4950a
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: H2
Server: 52.73.153.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-153-177.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:45:42 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.11.49
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:45:42 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=9193/tp=SHLC/tpid=578c2454-fba7-4180-a53e-d7d5e6d4950a
cache-control: no-cache
x-server: 10.40.0.15
content-length: 0
expires: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=19376307&c3=1&ns__t=1645310742241&ns_c=UTF-8&cv=3.5&c8=Visit%20Quintana%20Roo%2C%20Yucatan%20Peninsula%2C%20Cenote%20Mexico%2C%20Tulum%2C%20Cozumel&c7=htt...
https://sb.scorecardresearch.com/b2?c1=7&c2=19376307&c3=1&ns__t=1645310742241&ns_c=UTF-8&cv=3.5&c8=Visit%20Quintana%20Roo%2C%20Yucatan%20Peninsula%2C%20Cenote%20Mexico%2C%20Tulum%2C%20Cozumel&c7=ht...

0
225 B

11ms
11ms

Image
text/plain

52.85.61.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=19376307&c3=1&ns__t=1645310742241&ns_c=UTF-8&cv=3.5&c8=Visit%20Quintana%20Roo%2C%20Yucatan%20Peninsula%2C%20Cenote%20Mexico%2C%20Tulum%2C%20Cozumel&c7=http%3A%2F%2Fvisitroo.com%2F&c9=
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: H2
Server: 52.85.61.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-28.ewr53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
via: 1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 8LVkVe4IM-SqmGGIH1YbNrrvrqL_Sj40WKImwRK7tMfq2RVwF_YUEw==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 19 Feb 2022 22:45:42 GMT
via: 1.1 d7202b57803815a076179b3bb9bbd766.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=19376307&c3=1&ns__t=1645310742241&ns_c=UTF-8&cv=3.5&c8=Visit%20Quintana%20Roo%2C%20Yucatan%20Peninsula%2C%20Cenote%20Mexico%2C%20Tulum%2C%20Cozumel&c7=http%3A%2F%2Fvisitroo.com%2F&c9=
content-length: 249
x-amz-cf-id: i78L-2c6-dNYL1c6KGB1nFSZHKyo2vugGWmCRmn06FZbneceKmW4lg==

GET
H/1.1 200
OK eps Show response
px.owneriq.net/ Frame 0B27 783 B
2 KB 10ms
10ms Document
text/html 23.217.18.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/eps?pt=sholic&pid=1693&uid=Q6985971421360981965J&l=true
Requested by: Host: px.owneriq.net
URL: https://px.owneriq.net/stas/s/sholic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.217.18.198 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-18-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 605c2d513de51d48c7114c7c519a1bc519af9e2ef555cb50c037afdb188e12f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Content-Length: 783
Content-Type: text/html
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary: Accept-Encoding
Cache-Control: max-age=2916
Date: Sat, 19 Feb 2022 22:45:42 GMT
Connection: keep-alive

GET
H/1.1 200
OK / Show response
px.owneriq.net/j/ 721 B
1016 B 74ms
67ms Script
text/javascript 23.217.18.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/j/?ref=http://visitroo.com/&pt=sholic&t=d%7C%22Travel%2520%2526%2520Entertainment%22&s=inte
Requested by: Host: px.owneriq.net
URL: https://px.owneriq.net/stas/s/sholic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.217.18.198 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-18-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 14a9bf0afb1d8451446cea57d783fb6e96c0e11ac428a10217c72114c9f186c4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 721
Content-Type: text/javascript

GET
H2 200 p
ic.tynt.com/b/ 35 B
523 B 70ms
21ms Image
image/gif 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=sh!sh&lm=0&ts=1645310742259&dn=AFSH&iso=0&t=Visit%20Quintana%20Roo%2C%20Yucatan%20Peninsula%2C%20Cenote%20Mexico%2C%20Tulum%2C%20Cozumel
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
etag: "4bc8846c-23"
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-type: image/gif
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 shares.json Show response
api.bufferapp.com/1/links/ 66 B
411 B 138ms
101ms Script
text/javascript 104.16.138.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bufferapp.com/1/links/shares.json?url=http%3A%2F%2Fvisitroo.com%2F&callback=JSONP_8670

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.138.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

06eace4f82a0afa30466db160bde2e3e17d0c3bf17d2fd5bd9c96ab475d20a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=43200
cf-ray: 6e0306eb6de2178c-EWR
etag: W/"42-BWHHuTRq58ZzWQ2kw/2nvd7Nv/I"
expires: Sun, 20 Feb 2022 10:45:42 GMT

GET
H2 200 dk Show response
connect.ok.ru/ 11 B
2 KB 634ms
125ms Fetch
application/json 217.20.147.3
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?url=http%3A%2F%2Fvisitroo.com%2F&tp=json&ref=http%3A%2F%2Fvisitroo.com%2F&st.cmd=extLike

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip3.147.odnoklassniki.ru

Software

apache /

Resource Hash

618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ 56 B
303 B 130ms
88ms Script
application/javascript 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fvisitroo.com%2F&callback=JSONP_8603

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bf9f865d42aaa1a064376bce656300b9026a6725f9c7e5b2abbd059774c0707

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 79
x-pinterest-rid: 1735060253207696
content-length: 56
expires: Sat, 19 Feb 2022 23:00:42 GMT

GET
H2 200 button_info.json Show response
www.reddit.com/ 120 B
1 KB 42ms
32ms Fetch
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/button_info.json?url=http%3A%2F%2Fvisitroo.com%2F

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

0cfd01f61f14eb6d881159ad18587bb4501c97ae7db9bbc9c5dd04a35362cb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ratelimit-used: 1
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 120
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
server: snooserv
x-frame-options: SAMEORIGIN
date: Sat, 19 Feb 2022 22:45:42 GMT
x-ratelimit-remaining: 299
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset: 258
accept-ranges: bytes
expires: -1

GET
H2 200 stats Show response
api.tumblr.com/v2/share/ 91 B
353 B 198ms
28ms Fetch
application/json 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tumblr.com/v2/share/stats?url=http%3A%2F%2Fvisitroo.com%2F

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

088173184e96e48be727e6825ba18436c2c379c7de956dc52ef1c7eefb717503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
p3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
access-control-allow-origin: http://visitroo.com
x-rid: c32ed1b548b1f9d95231b1b17968215c
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-type: application/json; charset=utf-8
content-length: 101

GET
H2 200 share.php Show response
vk.com/ 24 B
482 B 326ms
114ms Script
text/html 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?url=http%3A%2F%2Fvisitroo.com%2F&act=count&index=7907&callback=JSONP_8482

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/buttons.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.110207

Resource Hash

62cea2ef75ba1126cdda6b1131e8373fef580cb38bd5619b2155b2437f9934f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
x-frontend: front512007
server: kittenx
x-powered-by: KPHP/7.4.110207
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44

GET
H2 200 yum-count Show response
www.yummly.com/services/ 11 B
683 B 118ms
73ms Fetch
application/json 104.18.26.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yummly.com/services/yum-count?url=http%3A%2F%2Fvisitroo.com%2F
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
vary: Accept-Encoding
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11
last-modified: Sat, 19 Feb 2022 22:45:42 GMT
server: cloudflare
x-yummly-req-id: f810e7f5-f83a-419f-a86e-f63217d30ce0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://visitroo.com
cache-control: private
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6e0306eb7ac08c2d-EWR
access-control-allow-headers: DNT,User-Agent,Cache-Control,Content-Type,X-Yummly-Auth-Token,Accept,Authorization,If-Match,If-None-Match,If-Modified-Since,If-Unmodified-Since,X-Yummly-App-Id,X-Yummly-App-Key,X-Visitor,X-Yummly-Type,X-Forwarded-For,X-Yummly-Locale,X-Yummly-Domain,X-Yummly-Timeout-Millis

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 291 B
1 KB 18ms
18ms Script
application/javascript 54.85.224.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?et=0&eid=51840&ct=js&cp=http%253A%252F%252Fvisitroo.com%252F&pv=1645310742270_4afsywq2y&bl=en-us&cb=3381430&si=1645310742270_4afsywq2y&s=1600x1200&nc=1
Requested by: Host: ml314.com
URL: https://ml314.com/taglw.aspx?191
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-224-115.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3f3aee00a471cbf82700e22d93e79e30a2d63c83f1812361fe20c05bc579114e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 22:45:41 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 321
Expires: 0

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 0
361 B 10ms
10ms Script
application/javascript 54.85.224.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?et=0&eid=51840&ct=js&cp=http%253A%252F%252Fvisitroo.com%252F&pv=1645310742272_fkki01jpe&bl=en-us&cb=7272821&return=https%253A%252F%252Fpixel.shareaholic.com%252Frsync.gif%253Fp%253D24%2526u%253D%255BPersonID%255D%2526s%253D578c2454-fba7-4180-a53e-d7d5e6d4950a&si=1645310742270_4afsywq2y&s=1600x1200&nc=1
Requested by: Host: ml314.com
URL: https://ml314.com/taglw.aspx?191
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-224-115.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 22:45:41 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
Expires: 0

GET
H2 200 379208.gif
idsync.rlcdn.com/ Frame 0B27 42 B
449 B 39ms
31ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379208.gif?partner_uid=Q6985971421360981965J
Requested by: Host: px.owneriq.net
URL: https://px.owneriq.net/eps?pt=sholic&pid=1693&uid=Q6985971421360981965J&l=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://px.owneriq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:45:42 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame 0B27 95 B
497 B 47ms
22ms Image
image/png 107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=916&ta_partner_did=Q6985971421360981965J&ta_format=png

Requested by

Host: px.owneriq.net
URL: https://px.owneriq.net/eps?pt=sholic&pid=1693&uid=Q6985971421360981965J&l=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://px.owneriq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 0B27
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q6985971421360981965J
https://us-u.openx.net/w/1.0/sd?cc=1&id=537073059&val=Q6985971421360981965J

43 B
61 B

18ms
13ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537073059&val=Q6985971421360981965J
Requested by: Host: px.owneriq.net
URL: https://px.owneriq.net/eps?pt=sholic&pid=1693&uid=Q6985971421360981965J&l=true
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://px.owneriq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:45:42 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537073059&val=Q6985971421360981965J
date: Sat, 19 Feb 2022 22:45:42 GMT
via: 1.1 google
server: OXGW/17.1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=22NcC3dp-rBManICA6Ak_2sfVdfaKWp8EhpYdBdcZUzM&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ml314.com/csync.ashx?fp=22NcC3dp-rBManICA6Ak_2sfVdfaKWp8EhpYdBdcZUzM&person_id=3625259579801075736&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

17ms
17ms

Image
image/gif

18.214.54.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 18.214.54.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-54-215.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Sat, 19 Feb 2022 22:45:41 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Cache-Control: private
Connection: keep-alive
Content-Length: 193
Expires: Sun, 20 Feb 2022 17:45:42 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=3625259579801075736%26eid=50220
https://ml314.com/csync.ashx?fp=19ff6211-7316-4300-ae23-169053af578c&person_id=3625259579801075736&eid=50220

43 B
312 B

9ms
9ms

Image
image/gif

54.85.224.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=19ff6211-7316-4300-ae23-169053af578c&person_id=3625259579801075736&eid=50220
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Server: 54.85.224.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-224-115.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:41 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sun, 20 Feb 2022 17:45:42 GMT

Redirect headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
Server: MT3 4133 baa842e master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=19ff6211-7316-4300-ae23-169053af578c&person_id=3625259579801075736&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Sat, 19 Feb 2022 22:45:41 GMT

GET
H/1.1 200
OK ep
px.owneriq.net/ 0
469 B 7ms
7ms Image
text/html 23.217.18.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/ep?sid%5B%5D=3906811548&sid%5B%5D=3585802694&sid%5B%5D=3588953253&pt=sholic&uid=Q6985971421360981965J&jcs=1
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.217.18.198 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-18-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 19 Feb 2022 22:45:42 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: max-age=53023
Connection: keep-alive
Content-Type: text/html
Content-Length: 0

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 77ms
23ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=sh!sh&dn=AFSH&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afsh.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 6bb81973a5f0d2ead30ae8063c83710f6157b34f12ce6f039fc1590004b90fce

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:41 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 1103
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&_rand=1645310742428.1
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&_rand=1645310742428.1&_expected_cookie=fba7e93aef764fa909ae50...

43 B
142 B

45ms
44ms

Image
image/gif

104.18.101.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&_rand=1645310742428.1&_expected_cookie=fba7e93aef764fa909ae503c1860f3e6
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: H2
Server: 104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e0306ec8cc017bd-EWR
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_pu=&_puuid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&_rand=1645310742428.1&_expected_cookie=fba7e93aef764fa909ae503c1860f3e6
date: Sat, 19 Feb 2022 22:45:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e0306ec5c4217bd-EWR
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

204

8929090037869049794
map.go.affec.tv/map/an/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&ts=1645310742428.2
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62117316d6bfb40001f2e25a%26chc%3Dtt%26floc%3D%26redirect_url%3D
https://map.go.affec.tv/map/an/8929090037869049794?ch=62117316d6bfb40001f2e25a&chc=tt&floc=&redirect_url=

0
625 B

65ms
65ms

Image
text/plain

52.85.61.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/an/8929090037869049794?ch=62117316d6bfb40001f2e25a&chc=tt&floc=&redirect_url=
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: H2
Server: 52.85.61.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-44.ewr53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
via: 1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
content-encoding: gzip
x-amz-cf-id: ZRtjLOTyChb-3EWstzvTKxHz40sYL42n6LaPgWV8Jln57HOLnjIvag==
vary: Accept-Encoding
x-cache: Miss from cloudfront

Redirect headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 22:45:42 GMT
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 6b10ee1a-80ff-4f4d-815d-af252c0630d5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://map.go.affec.tv/map/an/8929090037869049794?ch=62117316d6bfb40001f2e25a&chc=tt&floc=&redirect_url=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
pippio.com/api/
Redirect Chain

https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKS2IRcxZIziFAJleaAg%3D%3D&pcat=Travel&pdev=&pctry=US&referrer=http%3A%2F%2Fvisitroo.com%2F...
https://p.rfihub.com/cm?pub=39342&in=1&userid=1a373165-8b19-458d-853d-b6f30f2070e0%3A1645310742.54&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D1a373165-8b19-458d-853d...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=1a373165-8b19-458d-853d-b6f30f2070e0%3A1645310742.54&pid=500040&it=1&iv=1a373165-8b19-458d-853d-b6f30f2070e0%3A1645310742.54
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=1a373165-8b19-458d-853d-b6f30f2070e0:1645310742.54&pid=500040&_li_chk=true&iv=1a373165-8b19-458d-853d-b6f30f2070e0:1645310742.54&previo...
https://pippio.com/api/sync?it=1&pid=500040&iv=1a373165-8b19-458d-853d-b6f30f2070e0:1645310742.54

42 B
547 B

48ms
36ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&iv=1a373165-8b19-458d-853d-b6f30f2070e0:1645310742.54
Requested by: Host: visitroo.com
URL: http://visitroo.com/
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:45:42 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&iv=1a373165-8b19-458d-853d-b6f30f2070e0:1645310742.54
Date: Sat, 19 Feb 2022 22:45:42 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2IRcxZIziFAJleaAg%3D%3D&us_privacy=&random=1645310742428.4
https://secure.adnxs.com/mapuid?t=2&member=1001&user=1917005985433&seg_code=33x&random=1645310742
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D1917005985433%26seg_code%3D33x%26random%3D1645310742

43 B
1021 B

13ms
13ms

Image
image/gif

68.67.161.205
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D1917005985433%26seg_code%3D33x%26random%3D1645310742

Requested by

Host: visitroo.com
URL: http://visitroo.com/

Protocol

HTTP/1.1

Server

68.67.161.205 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

799.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 22:45:42 GMT
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 34d041e8-b4f5-49c8-9d5b-39c0c2bfd889
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Feb 2022 22:45:42 GMT
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: bb57cb4f-1317-4816-a6c8-c458af662803
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D1917005985433%26seg_code%3D33x%26random%3D1645310742
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 8560092566719227782
tpc.googlesyndication.com/simgad/ Frame 8C88 21 KB
22 KB 19ms
5ms Image
image/png 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8560092566719227782?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnbAf8EU_r7UpxgfGMNnrMF0LBTbQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=2366104698&adf=1524467814&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741865&bpp=5&bdt=453&idt=152&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=4142132405610&frm=20&pv=2&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bEH9Ibkgln&p=http%3A//visitroo.com&dtd=187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

sffe /

Resource Hash

bd930a6b6a388e8c29b983c876ae043b9f9352c5f670d9a26d7bafcd6d8ebaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 16:23:16 GMT
x-content-type-options: nosniff
age: 282146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21872
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 18:34:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Feb 2023 16:23:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 8C88 19 KB
8 KB 16ms
3ms Script
text/javascript 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:32:03 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8C88 2 KB
1 KB 13ms
5ms Script
text/javascript 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:45:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C88 124 KB
38 KB 42ms
25ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 22:45:42 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8C88 15 KB
6 KB 12ms
3ms Script
text/javascript 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:45:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 8C88 28 KB
12 KB 12ms
4ms Script
text/javascript 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

cafe /

Resource Hash

a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 15:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11757
x-xss-protection: 0
server: cafe
etag: 16992248388390577427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 15:09:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C88 0
0 74ms
73ms Fetch
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsTMvFnMRYtXUBcWDxAOUma-4A6W3jcFo-KKqrucPs8TcwJUcEAEg5I2zJmDJxqmLwKTYD6AB5pKnxwPIAQKoAwHIA8kEqgTgAU_QORJO6yf5XLq75K42uaeLRFK341LxcxgCnvHJnLLR36xVqp499LvYwZzgLRZvanO3GnR9CktQmnyWDuSoXbtbuIPCT1CFmE5fyIGsFZIkB5RUL1xTk3zbbR5rn-vH-qkuURdaFFMLR838OkKYr6GGjGEz6UmbOm5yGqe5OYpR38g-bV-PSwdNDsekvsKRYH4HOXlsVbfmluVqHwHrA_zMtsCON7Xz-yBeBm34-EPHJcwwwXXV-ira9Ky6PS4eelntiQU-2F7NKFFzHY5MJx7j8qVu8scL8Y81Z9_vXm7vwATdlt_T0gOSBQQIBBgBkgUECAUYBKAGAoAHgu3YOKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIPZXdIIBwiAYRABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNzQ0NjMyMzA3NzAwNzc2NxgA&sigh=ayvkVDmIoY8&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=2366104698&adf=1524467814&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741865&bpp=5&bdt=453&idt=152&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=4142132405610&frm=20&pv=2&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bEH9Ibkgln&p=http%3A//visitroo.com&dtd=187
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 19 Feb 2022 22:45:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Feb 2022 22:45:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E933 143 B
163 B 3ms
2ms Document
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=2366104698&adf=1524467814&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741865&bpp=5&bdt=453&idt=152&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=4142132405610&frm=20&pv=2&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bEH9Ibkgln&p=http%3A//visitroo.com&dtd=187

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sat, 19 Feb 2022 22:18:26 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E933
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

58ms
57ms

Document
text/html

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 19 Feb 2022 22:45:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Feb 2022 22:45:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 19 Feb 2022 22:45:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8C88 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bfc032abad44adf74a4cea5f5e05a334b5b4ab73837c1eccfe9ca8dafaed9bd

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 45B1 35 KB
13 KB 15ms
4ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 01:41:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 01:41:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0DCE 8 KB
1 KB 37ms
18ms Stylesheet
text/css 142.251.40.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f10.1e100.net

Software

ESF /

Resource Hash

e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 21:36:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Feb 2022 22:45:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Feb 2022 22:45:43 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 0DCE 2 KB
904 B 18ms
5ms Script
text/javascript 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:34:47 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/ Frame 0DCE 19 KB
8 KB 20ms
7ms Script
text/javascript 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

cafe /

Resource Hash

cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 1930320615972901081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:32:03 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 0DCE 2 KB
1 KB 15ms
3ms Script
text/javascript 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:45:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DCE 124 KB
38 KB 41ms
28ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38723
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645015031201889"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 22:45:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/ Frame 0DCE 15 KB
6 KB 16ms
5ms Script
text/javascript 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220216/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

cafe /

Resource Hash

78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6438
x-xss-protection: 0
server: cafe
etag: 12093742715590823996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Mar 2022 22:39:17 GMT

GET
H2 200 6db0573cb067ea4557d3af56fc7062b8.js Show response
www.gstatic.com/mysidia/ Frame 0DCE 28 KB
12 KB 22ms
2ms Script
text/javascript 142.251.32.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6db0573cb067ea4557d3af56fc7062b8.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f3.1e100.net

Software

sffe /

Resource Hash

a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 09:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11678
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 08:01:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 May 2022 09:59:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0DCE 0
0 74ms
73ms Fetch
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRsb7FnMRYoHcBoXbMKycitAFi-OavWjPgJCByg2K0aPtvgEQASDkjbMmYMnGqYvApNgPoAHp_fXPA8gBCagDAcgDywSqBN4BT9BlwSGhoJE_JEPDoyRaBtx1tHpMGPbGxjJIMOC0Nr6VS5pR6kBQ4RFtM6OT5mrt40N-r6g_QAr7rarAZqEQXgV-iTzCaZouqV59B5FAzatcKSrX-aVW0j7xlwVmq8xmKqnMf7_VvSUPnM0pxhEjGuLniVfsRSCEEaqI6SyBAcRaRwrycjDjVZJdmKwsIdSjDubd-5_4gy_4R_cZ3I0CCt1lR8rUrV4FvjJ_R-jC8CfGUBGYJjQY804YbX2ncMhPky_JHULiUuwosttzWQLqvJXtKTNC7Obh6a_qpMYcwASl_-jGwgOSBQQIBBgBkgUECAUYBKAGLoAH57SUxQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDmiivSCAcIgGEQARgfgAoByAsBuBOIJ9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi03NDQ2MzIzMDc3MDA3NzY3GAA&sigh=Tzii8REU0pE&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 19 Feb 2022 22:45:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14597352796009358250/ Frame 0DCE 34 KB
34 KB 13ms
6ms Image
image/jpeg 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14597352796009358250/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

sffe /

Resource Hash

d6b243b3f9e12b390000c9580cd41fb38c53fa7f64daeb06d0e0b80959383d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:07:18 GMT
x-content-type-options: nosniff
age: 369505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34990
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 23:00:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Feb 2023 16:07:18 GMT

GET
DATA 200
OK truncated
/ Frame 0DCE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0DCE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0DCE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3546e52f9b4281d39dd752308eb78c06b5112c79fc8b5e6203c6c211a61c47bf

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 0DCE 28 KB
28 KB 16ms
3ms Font
font/woff2 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:11:09 GMT
x-content-type-options: nosniff
age: 362074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:11:09 GMT

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 50C9 35 KB
13 KB 3ms
3ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7446323077007767&output=html&h=250&slotname=4209950748&adk=3883482247&adf=1311911600&pi=t.ma~as.4209950748&w=970&lmt=1645310742&psa=0&format=970x250&url=http%3A%2F%2Fvisitroo.com%2F&flash=0&wgl=1&dt=1645310741883&bpp=2&bdt=471&idt=193&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=4142132405610&frm=20&pv=1&ga_vid=888850637.1645310742&ga_sid=1645310742&ga_hid=1749368713&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=2903&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C44752536&oid=2&pvsid=4216130377237902&pem=232&tmod=355862160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=e7jz2Pt8qt&p=http%3A//visitroo.com&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 01:41:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 01:41:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C88 42 B
64 B 75ms
65ms Fetch
image/gif 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQzOdvLbd2N_nmVzCnvu6udZRSPaRUkDeDb-A0l4B9wq65WN896dLZV1ie7x21g5m2_bgcK8yxmwvvjlkHOZNy_xqbFNkA7bz_iiPTJgJk5NL0frM&sai=AMfl-YTL_eCKsQf2y8md_cxwj8iHy-XfpxntXbLFyJhPYFZHsuHZvhIfZFpHo4Z8KhoF3_-nFeGGerv9CY_P&sig=Cg0ArKJSzBSh81gteRziEAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=0.7&if=1&app=0&itpl=4&adk=2366104698&rs=2&la=1&cr=0&vs=4&r=v&rst=1645310742054&rpt=613&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:45:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 28ms
27ms XHR
application/json 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220216&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

cafe /

Resource Hash

086d9f34d21ec3f4b312819ed22b64dd6c1d8e937d0b197f5536cb72bb6c6af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Feb 2022 22:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9926
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Feb 2022 22:45:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E3F 13 KB
5 KB 3ms
2ms Document
text/html 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Feb 2022 00:34:45 GMT
expires: Sun, 19 Feb 2023 00:34:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 79860
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 65B9 783 B
534 B 35ms
23ms Document
text/html 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

GSE /

Resource Hash

c28e3b7461c39cb33f33ba72127f19ef933f0083856d3a7b5eac6dcc63bf1bc7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QTRdIH9rPmFNejjfsPOsQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 19 Feb 2022 22:45:45 GMT
date: Sat, 19 Feb 2022 22:45:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QTRdIH9rPmFNejjfsPOsQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E3F 35 KB
13 KB 3ms
3ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

sffe /

Resource Hash

4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 01:41:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 01:41:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 65B9 0
0 66ms
66ms Image
text/html 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220216&jk=4216130377237902&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s70-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3E3F 0
9 B 3ms
2ms Image
text/plain 142.250.64.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fWmBgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.64.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s31-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 19 Feb 2022 22:45:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
66ms Image
image/gif 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220216&jk=4216130377237902&bg=!j4yljMjNAAbf-5Dq3_s7ACkAdvg8WjLt-xeaVle7k5a4bEtuLv_XFIqtI8qPMmqvS0lxWWDlLLbnXgIAAABZUgAAAAJoAQeZAspcrscL44-RMciJ-pSYR8CR0xJmCGwoHMd54YgB132SqjJayPkMeE8-W_WOTGNDObpFgYh0ZV65NZqWdkV4RkSuNpFFAxMoG-IzfZuXHI4Ubq0znBK3BadWKOjuw5agV88-niRNLNt5pmA_fdQfG7y0AAiZmMBr0rdIUD1JRXUJZ1o9d11biiF2ox5Ono0e9Bp0CxXtpQ0N-V2teWNjZhMKYT8iGJxmN9VW5gQ79GYkTUm9ilsJ1w5LgdLmvwFQOAp9HZghwx9hWptmZO8iYOr2sE-vrnt9GkzLuPMdi73Bee_N8Hpr5kADPLtYXzUeyoU5SchKqFdoBJX-LDRLa27NE-ONrmG8ZKKELu8Uitt8PxsZfr1_Zvn-XAqgrjXjHOWYgHbtLmLTWM4X1nN26iQteaBqB01v3pLVsDbK8JtawmIwO3zcKuGkdPhPH_VP8hUOQJl0-OgDHf8_6K_pgxCphVmsb2oNAXPxU94LUuFSMdp3ntBxNI0wvXJX87NIpZFj8tzgiRjYkE8ckQTljgR7xCAtxM69vI3Xd1_5hmFWPq3LYsn6pORjOBbBd1ncoqKPnFnL3KYVCARd06Qz_ohMXo0eP7iq8AKA9avFlb90uyKD08Uhk6sa0dxH3aCCI85CHDeq_DCsFPvbZqLPlxZAnG5-wBc_SIH_MUsQCi7VPz3TsdxMlkDEcrXFGd6SVnhuUc9b1iPmD_iIxFX_GEe9vK3FsRUshkPMIKnYqeyO1bhB2HIwtWqUlFvamLVPR3qB-QyMVA8ZJDcYbUINAQNrcwjWIrvueExqG9thA-cipPQdIxokLcTkFww3augUxVNCatHwl8_iD2NDWXDv6nSzeKQpAK7TUZkSNlwztMlx_dUqbS059WbiwhJRFNSFUnw4zCV0e7UMk0ejGDAszNkyaU5NSwfjdZcxQtl4PD8OjHQKpsglPvhbH0M

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://visitroo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 22:45:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 01:45:02	Name: _li_ss Value: MgYIoQEQwRE
visitroo.com/	1970-01-20 01:11:55	Name: CAKEPHP Value: 513t8iob626gpmi0n6l22sjko1
.visitroo.com/	1970-01-20 18:33:02	Name: _ga Value: GA1.2.888850637.1645310742
.visitroo.com/	1970-01-20 01:03:17	Name: _gid Value: GA1.2.407592143.1645310742
.visitroo.com/	1970-01-20 01:01:50	Name: _gat Value: 1
.shareaholic.com/	1970-01-20 18:33:44	Name: c_id Value: 578c2454-fba7-4180-a53e-d7d5e6d4950a
.visitroo.com/	1970-01-20 10:23:26	Name: __gads Value: ID=d9ca1fdb1f406586-227c375b28d000a8:T=1645310742:RT=1645310742:S=ALNI_Mafgq6OXCv-3wi92xJwvKmE7A1Mfw
.shareaholic.com/	1970-01-20 01:16:14	Name: p_tl Value: 1
.shareaholic.com/	1970-01-20 01:22:00	Name: p_locc_user_id_expiry Value: 1
.owneriq.net/	1970-01-20 18:33:02	Name: si Value: Q6985971421360981965J
.owneriq.net/	1969-12-31 23:59:59	Name: p2 Value: lrc.tapq.oxc
.owneriq.net/	1970-01-20 01:16:14	Name: oxc Value: 1
.owneriq.net/	1970-01-20 01:16:14	Name: tapq Value: 1
.owneriq.net/	1970-01-20 01:16:14	Name: lrc Value: 1
.scorecardresearch.com/	1970-01-20 18:18:38	Name: UID Value: 1DAc5394e7a6a8a08affe061645310742
.ml314.com/	1970-01-20 01:01:50	Name: u Value: aHR0cDovL3Zpc2l0cm9vLmNvbS8=
.ml314.com/	1970-01-20 09:47:26	Name: pi Value: 3625259579801075736
.ml314.com/	1970-01-20 01:22:00	Name: tp Value: 2%3b2%2f19%2f2022+5%3a45%3a42+PM%3b0
.openx.net/	1970-01-20 09:47:26	Name: i Value: ce7a36eb-7c5e-478f-a441-c531ea260d31\|1645310742
.crwdcntrl.net/	1970-01-20 07:30:36	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 07:30:36	Name: _cc_id Value: f77d96a61749bb6cec8f12e7cc6e7a9e
.rlcdn.com/	1970-01-20 09:47:26	Name: rlas3 Value: s7VURYqtd28ULO6HchIRqGsPvT7grEQSvNi6zDSQ4v8=
.rlcdn.com/	1970-01-20 02:28:14	Name: pxrc Value: CAA=
.tapad.com/	1970-01-20 02:28:14	Name: TapAd_TS Value: 1645310742314
.tapad.com/	1970-01-20 02:28:14	Name: TapAd_DID Value: 4b6d9185-ff86-49fe-8dbb-9b252dea4879
.tynt.com/	1970-01-20 09:47:26	Name: uid Value: CoIKS2IRcxZIziFAJleaAg==
.simpli.fi/	1970-01-20 09:48:53	Name: suid Value: 7EB121A62BA943C7BB0D770F0091D96C
.eyeota.net/	1970-01-20 09:47:26	Name: mako_uid Value: 17f14298f4b-45a70000010a544d
.eyeota.net/	1970-01-20 01:01:51	Name: SERVERID Value: 21581~DM
.mathtag.com/	1970-01-20 10:27:45	Name: uuid Value: 19ff6211-7316-4300-ae23-169053af578c
.tynt.com/	1970-01-20 03:11:26	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1645310742428%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1645310742428%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1645310742428%7D%2C%7B%22p%22%3A%22179d15a463%22%2C%22f%22%3A1%2C%22ts%22%3A1645310742428%7D%5D
.adsymptotic.com/	1970-01-20 03:11:26	Name: U Value: fba7e93aef764fa909ae503c1860f3e6
.aggle.net/	1970-01-20 03:11:26	Name: aggcid Value: 84987bbd-2a1f-4f0a-861b-f7b8bc79c6e2
.aggle.net/	1970-01-20 03:11:26	Name: aggsid Value: gAAAAABiEXMWeRawVlrebq86-O6w2PYdEtdTE3ofyVznZJ8A6rA8pY7_UqZAP_AWI5LBUVAIQo2JPHkttrBO7M5Vm8UDNMMgfSa9_HXU364w4jP-UMHcjCQ
.33across.com/	1970-01-20 09:47:26	Name: 33x_ps Value: u%3D1917005985433%3As1%3D1645310742525%3Ats%3D1645310742525
.adnxs.com/	1970-01-20 03:11:26	Name: uuid2 Value: 8929090037869049794
.go.affec.tv/	1970-01-20 09:47:26	Name: ck Value: 62117316d6bfb40001f2e259
.go.affec.tv/	1970-01-20 09:47:26	Name: oo Value: 1
.rezync.com/	1970-01-20 10:22:57	Name: zync-uuid Value: 1a373165-8b19-458d-853d-b6f30f2070e0:1645310742.54
live.rezync.com/	1970-01-20 10:23:26	Name: sd-session-id Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjp7IiBiIjoiTVdFek56TXhOalV0T0dJeE9TMDBOVGhrTFRnMU0yUXRZalptTXpCbU1qQTNNR1V3T2pFMk5EVXpNVEEzTkRJdU5UUT0ifX0.FPMElg.C_yKGn2BNWBWl26gxStFq3fSzYE
.vk.com/	1970-01-20 09:54:33	Name: remixlang Value: 3
.adnxs.com/	1970-01-20 03:11:26	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVM=dYou!@wnf-Te9(>wL5L!!'56$W9y=
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAAXBwRGAMAgEwI_t4HDAAdqNmSSFpHJ3z2X4vBxJ6YFHgj2l6VNGbtdtWrr0RQYdWmE34wfuTQ8hNQAAAA
.rfihub.com/	1970-01-20 10:23:26	Name: rud Value: H4sIAAAAAAAAAOMSsjSzNDc1NDO3MDI1MzGzsDAwEeIz1C0IMjGozIzMKdcNLZfiNTQzMTU2NDA3MTK1NAUAz73-JjMAAAA
.rfihub.com/	1970-01-20 10:23:26	Name: eud Value: H4sIAAAAAAAAAEXHuRGAMAwEwAqIXIcYfSfJdGOPcUGEVEvIZvs0lWFpEqCa0slRiwq2aMY23srJN18SDhNO1xP-tuM_Oj5AH1GfRQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSsjSzNDc1NDO3MDI1MzGzsDAwEeIz1C0IMjGozIzMKdcNLQcAr9WaeyQAAAA
.liadm.com/	1970-01-20 18:33:02	Name: lidid Value: e15c9d8f-cf42-45a7-9252-167ca5beddcd
.go.affec.tv/	1970-01-20 09:47:26	Name: pt Value: eyJhbiI6eyJkdCI6MTY0NTMxMDc0MiwiaWQiOiI4OTI5MDkwMDM3ODY5MDQ5Nzk0IiwibHMiOjE2NDUzMTA3NDJ9LCJ0dCI6eyJkdCI6MTY0NTMxMDc0MiwiaWQiOiJDb0lLUzJJUmN4Wkl6aUZBSmxlYUFnPT0iLCJscyI6MTY0NTMxMDc0Mn0sInYiOjB9\|1645310742\|fa970392dea5d7564ec5e91709f2fb0000d47809
.doubleclick.net/	1970-01-20 01:01:54	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 18:33:02	Name: IDE Value: AHWqTUmEXB07C_jWRDvv3_mC37VaMHViFEKFDhhRdSOpD4ISORWU4Kg2-jnZVDPG
.pippio.com/	1970-01-20 09:47:26	Name: did Value: eMzJg9lSe9T8swoZ
.pippio.com/	1970-01-20 09:47:26	Name: didts Value: 1645310742
.pippio.com/	1970-01-20 02:28:14	Name: nnls Value:
.pippio.com/	1970-01-20 02:28:14	Name: pxrc Value: CAA=
.doubleclick.net/	1970-01-20 01:01:51	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
aggle.net
analytics.shareaholic.com
api.bufferapp.com
api.pinterest.com
api.tumblr.com
cdn.tynt.com
connect.ok.ru
de.tynt.com
dp1.33across.com
dsms0mj1bbhn4.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.liadm.com
i.simpli.fi
ic.tynt.com
idsync.rlcdn.com
live.rezync.com
m9m6e2w5.stackpathcdn.com
map.go.affec.tv
maxcdn.bootstrapcdn.com
ml314.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.shareaholic.com
pippio.com
pixel.mathtag.com
ps.eyeota.net
px.owneriq.net
sb.scorecardresearch.com
secure.adnxs.com
sync.crwdcntrl.net
tapestry.tapad.com
tpc.googlesyndication.com
us-u.openx.net
visitroo.com
vk.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.reddit.com
www.shareaholic.net
www.yummly.com
104.16.138.31
104.18.10.207
104.18.101.194
104.18.26.71
104.18.28.199
104.21.19.248
107.178.246.49
107.178.254.65
107.20.140.231
142.250.64.97
142.250.64.98
142.250.64.99
142.250.72.110
142.250.81.226
142.251.32.99
142.251.40.194
142.251.40.196
142.251.40.234
151.101.64.84
151.101.65.140
151.139.128.11
169.44.76.76
172.217.165.130
18.214.54.215
184.73.100.94
192.0.77.40
199.38.167.129
217.20.147.3
23.195.108.221
23.217.18.198
34.204.113.242
35.190.60.146
35.244.159.8
52.71.162.243
52.73.153.177
52.85.61.108
52.85.61.28
52.85.61.44
54.230.244.132
54.85.224.115
67.202.105.23
67.202.105.32
67.202.105.34
68.67.161.205
76.223.58.180
93.186.225.208
05ba4ac74c0c46f4a0913ac0662f1f1edba9f6dcad68d7a8cf2ebf6088061657
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
06eace4f82a0afa30466db160bde2e3e17d0c3bf17d2fd5bd9c96ab475d20a86
07537e28f42815647251bec0059d8c055bf2cf2223e8a929e3843a3890f399e0
086d9f34d21ec3f4b312819ed22b64dd6c1d8e937d0b197f5536cb72bb6c6af2
088173184e96e48be727e6825ba18436c2c379c7de956dc52ef1c7eefb717503
0cc6bf6ee2d71b885b40cb74dc668b3f3db97a474d0d904ef6a9a9f1b53d1f25
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0cfd01f61f14eb6d881159ad18587bb4501c97ae7db9bbc9c5dd04a35362cb03
0efa45269769a3cb6a1a401464df12608d011612b888d50f1951aa7a803059f7
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14a9bf0afb1d8451446cea57d783fb6e96c0e11ac428a10217c72114c9f186c4
1673658707ae82627cbcf39dad47afa27da81939c5a8797a114867042bb87674
167e9fc66534f5e0ac22ba9f2cc16193a2bb15ee804b7a17fe7efc5af2823812
16ae1c85194b403d3b66ba5e3f4e7e7958b73cedbbe3452b8a3815928b6f2e95
17c318df37d8f3ede60cf0862910e1d2df33240eaad3582bf5520502bdeb4d2c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20462689c914ecca5ce540b53a19cd341cf6b6a50d51f8127ce9854190e5b412
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c
26e5953ad83fb1d65bbfb35830d52216e6cbda8b27d7f01b9d869a3e6e478b75
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b307cb381c097ee54a99733f2e8860ace20e5ce394f14ef72f3b242bf9bf90f
2e93fba7137fd2c24cfbf538b10e9c49fd8b95e5d7b181f3152a8a10037678f2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3546e52f9b4281d39dd752308eb78c06b5112c79fc8b5e6203c6c211a61c47bf
354af3840552d36e53fc45aeaa34b8b5a7d9df9115d783e5783573236259928a
3bfc032abad44adf74a4cea5f5e05a334b5b4ab73837c1eccfe9ca8dafaed9bd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3aee00a471cbf82700e22d93e79e30a2d63c83f1812361fe20c05bc579114e
40b6d5468425c78762034d7462921888068523c3701f31e40d7e02eb9b9b069c
4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10
43146e02e07008599eb3a6cfb75149df283363852b8eeb72499a5f4bda097447
43df8f4651490bb1e833377742ddc098ae04b38717430b68a17686ca0545f2dd
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
48746531dc7e441819df4f2783f6e7cdde86bb1402670dd4b6af7ea2c726ef9f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf9f865d42aaa1a064376bce656300b9026a6725f9c7e5b2abbd059774c0707
4d2ebf73008723e10d928cd12d3d42759dbdc3674cf32f858cbc15b912dd48ce
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e874bb1b36354260953c3c17520cd271a2d70adacd414722193b40802968a2
51bd716f818fa8a7a04bbb043c62a6cdd2942050b50d4f1b261104821f13a186
555efe40ce2612e5824a6f0e1aa9c1cc28d648b25aff825fff852a52ef8be53e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5632b5899309b49f2efef137f5dacfaede79aff746b491a05105d39037151d8f
59b04a15dacf5d7c6befe6dd8f0c26a66bfab4ac12cf05b7d9acd177e22f5b03
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5db0bfe61bd184aff8494fba4db71b10dc5b310be381a1c78a0458e00d7b7381
5e481439280c9d61ac96f6cd3c3eb8027334fab5f56843ed7cc483cf5d6337da
605c2d513de51d48c7114c7c519a1bc519af9e2ef555cb50c037afdb188e12f2
618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cea2ef75ba1126cdda6b1131e8373fef580cb38bd5619b2155b2437f9934f1
630cefd9bc5de27498646c8c1cbd6e0bf7bf83e16735aba94a4a18683dfebc0e
65b30515e84a091f4575fb6da61c862430c42ff927b072089fa5bc071e8a45ab
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6bb81973a5f0d2ead30ae8063c83710f6157b34f12ce6f039fc1590004b90fce
6d8ee68b34c704233d43fea146c3c827d60f23e3d01488c0213add0b9f68cbec
6e9642f11a15299f816673b07af13871679394f7c588e6ea54a6b2bcfc288d19
75666e6fb52457b49f0293bb7832a42f8196f67552493f80f9f85c41521ba6f6
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
8123dc2bf66e2ac6977d94fe97c53156eeccde550b99431793c630e765897aee
813eeae047ec51a3f12a360b7ea335a9b611b29943d8566f6054390b018ca2b4
82236ffb1856b452f5a25e4293b31847f85764d82618284fb5d1acc49525597e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8412935aec3791cb428d6554a8a0655b885b820700e72ea6518301d4ff7857b1
8c366f5b1225142b6db5eb18312a82015355edf307cdf9a0add0a1500c56f3e7
8c43ef3439d4a189378416440f34167941bbd13ee0368abc0ce134afab43e65e
8f30fc75d3a2dcff25d5bc161173576638e416dd1c00c80db20261fa2d23adcb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a128dcad321a245fc5fb2caea7f7ba8f393eddf713a5ff873e9860f755d8556a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a47e8f4fccff57e29d17994090597bcb0afd458190a6a36d15f85d01f413de28
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50761af47976acf2a9b1ed88cff6727c6c0fa4a18c2806a26f108c5268b4c1f
a6e5969f81d359480c859d669acbb28b5cbf4d8885c14d2700af859220edfdd1
a7f172b86f33fcf9016f97a7d5a9e70e6304829e37f8a007ef253ed98c3991b0
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801
ad78de3742c4c88ee9a0fe90a6c6274802ecc204eb805ec0da0cbf402b06626d
b11861acd537aeca2bebd767e081e25592385ebbbfab36be9b3d0c8b32ee856c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bae7de70606d863a0d10537e40109e5c9534035a32713c8abaf09cfbeb2a3ebd
bd930a6b6a388e8c29b983c876ae043b9f9352c5f670d9a26d7bafcd6d8ebaa5
bf8d225dabaaa86f4ebd1a261a2c5b060a6bbd4ea7e0f2296d6ecf2b2eff9a92
c28e3b7461c39cb33f33ba72127f19ef933f0083856d3a7b5eac6dcc63bf1bc7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c56d15d7b02cc9adfda76d7767c2380619376f2206b89f427e669d97eeaf583a
c6f2702a110940c13ac68de011f3a9127579411b8c40d3ec768be65d10719c34
c79072a0f5224b5b5889cae1d8ee33e7ddd8474c210f24a8138bcb5f5c6a87cf
cb0a1ac121b8aa9b8e2912768985ee6341cdd33d4c7b4db39052731d4b5248e2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4704b8d71ddb11722acdc84c73f8296a25b3011be8e22f0a8cb12f1a0bb1a3b
d6971ea48c0ce9c5f9fcb4f55d2182504a0c7eb967bd2c6839a8dbcf70c2e3d4
d6b243b3f9e12b390000c9580cd41fb38c53fa7f64daeb06d0e0b80959383d27
d71122a802e63c143b48c37d78d74947039e508a38e9b3281db8b7ae76b0ace8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8d5dbc709a15b69ef15aca8294424911fe5d3b708fb922ea32a4b37fb594cf0
d9f9be9aa3486ef0ea2c9cd1bcaec3e188dfdf89554c7bc759a64abce7b9f9f0
db21d0584181f7e3238b5121e4f5edfc93be69a57330973224789b12213905b8
dc207fcedfaeae154cb19a716cba883042582f916f5afb40316286fae2d3cdfa
dd6827291927e2e49accc21d6dd6bf5e6dacb1e3093c79f9f0cb96c6771c956f
de77c956fbb1f507dbc131ece6ae193fa6fe0f4c6337ece817d7ccbd157c52d3
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e2f40b3a8aaf4a2abb1987007547690206251ee187f7594db715cfaebad6b654
e3445f2864a27ea2c0db92f8cb3890ebdd764b2b1cdb35d6cc91a3c242806cd1
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b2ffd1f1d4ac003bf08c481d0b2f3db19a03325d0e31c0c9ad9d45dbea930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f8db139e6da6b29118761f93ecd10353ddba7ef362979f316cc7bdfa9572d509
f91087c9c346c82402e4d84c3411387bcabc89ef275cb8dc3e7b13859aff0b0b
fa1c0543fd15ccf4f8a01605e58d910f7b7549edfe382442dec9eed8172d150b
fb9ca74070d8b0437e6549c9e6a73f78a101f9238c1002854a4bb477c479ebc7
fc16507c2f5a3b3e5ffeab2ede8de21381fa1420e281a7b941e17fe57bb5854a

visitroo.com Open in urlscan Pro 104.21.19.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

50 %HTTPS

0 %IPv6

41 Domains

47 Subdomains

42 IPs

3 Countries

2877 kBTransfer

3968 kBSize

56 Cookies

5 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

visitroo.com Open in urlscan Pro
104.21.19.248 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

50 %
HTTPS

0 %
IPv6

41
Domains

47
Subdomains

42
IPs

3
Countries

2877 kB
Transfer

3968 kB
Size

56
Cookies

136 HTTP transactions
5 data transactions