URL: https://wicked.tours/
Submission Tags: phishingrod
Submission: On August 15 via api from DE — Scanned from DE

Summary

This website contacted 26 IPs in 3 countries across 19 domains to perform 138 HTTP transactions. The main IP is 161.35.113.156, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is wicked.tours.
TLS certificate: Issued by R3 on August 15th 2023. Valid for: 3 months.
This is the only time wicked.tours was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address  AS (Autonomous System)
20 161.35.113.156 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.84.88.48 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
23 2620:0:890::100 54113 (FASTLY)
2 108.156.61.65 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.201.38.6 16509 (AMAZON-02)
6 2001:4860:480... 15169 (GOOGLE)
13 151.101.2.137 54113 (FASTLY)
3 162.247.241.14 23467 (NEWRELIC-...)
27 2a00:1450:400... 15169 (GOOGLE)
1 52.222.139.53 16509 (AMAZON-02)
1 13.227.219.3 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
Total: 138 requests, 26 IPs
Requests  Apex Domain / Subdomains  Transfer
31 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
www.googleapis.com — Cisco Umbrella Rank: 53
firestore.googleapis.com — Cisco Umbrella Rank: 2135
firebasestorage.googleapis.com — Cisco Umbrella Rank: 7054
16 KB
23 firebaseapp.com
tomis-bot.firebaseapp.com — Cisco Umbrella Rank: 500821
449 KB
20 wicked.tours
wicked.tours
891 KB
13 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 475
48 KB
6 cloudfunctions.net
us-central1-tomis-bot.cloudfunctions.net — Cisco Umbrella Rank: 598266
948 B
5 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3682
api.amplitude.com — Cisco Umbrella Rank: 1689
36 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
397 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
249 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54
region1.google-analytics.com — Cisco Umbrella Rank: 2069
21 KB
4 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 5750
api.omappapi.com — Cisco Umbrella Rank: 5993
28 KB
3 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 295
1 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5933
622 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
420 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2770
www.google.com — Cisco Umbrella Rank: 3
714 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
244 KB
3 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 96
112 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 781
script.hotjar.com — Cisco Umbrella Rank: 1126
59 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 245
33 KB
1 gstatic.com
fonts.gstatic.com
31 KB
Total: 138 requests, 19 domains
Requests  Domain  Requested by
23 firestore.googleapis.com tomis-bot.firebaseapp.com
23 tomis-bot.firebaseapp.com wicked.tours
tomis-bot.firebaseapp.com
20 wicked.tours wicked.tours
13 js-agent.newrelic.com wicked.tours
6 us-central1-tomis-bot.cloudfunctions.net tomis-bot.firebaseapp.com
5 www.googletagmanager.com wicked.tours
tomis-bot.firebaseapp.com
www.googletagmanager.com
4 www.googleapis.com tomis-bot.firebaseapp.com
4 www.facebook.com wicked.tours
3 bam.nr-data.net wicked.tours
3 api.amplitude.com wicked.tours
3 www.google.de wicked.tours
3 stats.g.doubleclick.net www.googletagmanager.com
wicked.tours
3 connect.facebook.net wicked.tours
3 www.google-analytics.com wicked.tours
3 lh3.googleusercontent.com wicked.tours
3 a.omappapi.com wicked.tours
2 firebasestorage.googleapis.com tomis-bot.firebaseapp.com
2 region1.analytics.google.com www.googletagmanager.com
2 cdn.amplitude.com wicked.tours
tomis-bot.firebaseapp.com
2 cdnjs.cloudflare.com wicked.tours
2 fonts.googleapis.com wicked.tours
1 region1.google-analytics.com www.googletagmanager.com
1 script.hotjar.com wicked.tours
1 static.hotjar.com wicked.tours
1 www.google.com wicked.tours
1 api.omappapi.com wicked.tours
1 fonts.gstatic.com fonts.googleapis.com
Total: 138 requests, 27 subdomains
Subject | Issuer | Validity | Valid
icystraitpointexcursions.com | R3 | 2023-08-15 - 2023-11-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
a.omappapi.com | R3 | 2023-07-09 - 2023-10-07 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
api.opmnstr.com | Amazon RSA 2048 M01 | 2023-03-01 - 2024-02-08 | a year
*.googleusercontent.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-05-24 - 2023-08-22 | 3 months
firebaseapp.com | GTS CA 1D4 | 2023-07-10 - 2023-10-08 | 3 months
cdn.amplitude.com | Amazon RSA 2048 M01 | 2023-01-12 - 2024-02-11 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
www.google.de | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
www.google.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2023-01-23 - 2024-02-14 | a year
misc.google.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-04-13 - 2024-05-14 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year
edgecert.googleapis.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year

This page contains 9 frames:

Primary Page: https://wicked.tours/
Frame ID: D336A6BAE73FE07E94264815E5FA59EC
Requests: 79 HTTP requests in this frame

Frame: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Frame ID: 4EF73F9E7B71D5F76939B991B383CCDD
Requests: 3 HTTP requests in this frame

Frame: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Frame ID: D77B11D7F0929C64EAFD18AF262E20D5
Requests: 3 HTTP requests in this frame

Frame: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Frame ID: D8132ED35C532A00D205DE8951B54019
Requests: 3 HTTP requests in this frame

Frame: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Frame ID: FFF981053F5C094BAA71562C92D0704F
Requests: 3 HTTP requests in this frame

Frame: https://tomis-bot.firebaseapp.com/bot/index.html?site=wicked-wine-tours&initialParentWidth=1600&initialParentHeight=1200
Frame ID: 88C71A14E92762F2CAC6EBCCEB7C6762
Requests: 37 HTTP requests in this frame

Frame: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Frame ID: 31D380CF4363BF2093C9807C50787B50
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9228315C000EF08F36C6D3DC3453D184
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A1342B909574B435AC0EDE9E2C5E1D54
Requests: 1 HTTP requests in this frame

Page Title

Award Winning Kelowna Wine Tours | Wicked Tours

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

138 Requests
100 % HTTPS
68 % IPv6
19 Domains
27 Subdomains
26 IPs
3 Countries
2369 kB Transfer
6493 kB Size
16 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

138 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wicked.tours/
482 KB
60 KB
Document
General
Full URL
https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
f7702779b1af7c41107e53f603e60b08c54ff140229f3738498ee6d1414554f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 15 Aug 2023 14:25:30 GMT
expires
Tue, 15 Aug 2023 14:25:29 GMT
link
<https://wicked.tours/wp-json/>; rel="https://api.w.org/", <https://wicked.tours/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json", <https://wicked.tours/>; rel=shortlink
server
nginx
vary
Accept-Encoding
style.basic.css
wicked.tours/wp-content/plugins/ajax-search-lite/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://wicked.tours/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
947e611b2cb75cb862f3802ca9d4f81cce21680d57204dfa300396e6c5526479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 13:37:29 GMT
server
nginx
etag
W/"62ebcb99-541c"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
style-curvy-black.css
wicked.tours/wp-content/plugins/ajax-search-lite/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://wicked.tours/wp-content/plugins/ajax-search-lite/css/style-curvy-black.css?ver=4.10
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
5c80505133c2b387dbe571c9b908be7e815b86ec57d1cb8de7f1b8212cb0d304

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 13:37:29 GMT
server
nginx
etag
W/"62ebcb99-1927"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
home_78e954f1.css
wicked.tours/wp-content/themes/gondola-wp/dist/styles/
179 KB
29 KB
Stylesheet
General
Full URL
https://wicked.tours/wp-content/themes/gondola-wp/dist/styles/home_78e954f1.css?ver=5.8.7
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
8ca751ceb71e2d5a0e90c0e686802bc06947c4810c28e68e9f3bae092cdf4c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Sun, 13 Aug 2023 10:41:32 GMT
server
nginx
etag
W/"64d8b35c-2cb1a"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
gondola-custom-css.css
wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/
7 KB
1 KB
Stylesheet
General
Full URL
https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
13dcf34683ed7baa4d54f307e5a4480cdee482d89ead94a09e03fda19e2a2e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Sun, 13 Aug 2023 00:30:12 GMT
server
nginx
etag
W/"64d82414-1abc"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 13:15:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 14:25:30 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=5.8.7
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4646589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek8%2Bh5YGcv6Oj9RxdhNXTOHS08uNIVbUHn%2FXgX0EH9T1l8PvrpKBsKr5OsZzHbhszzmbQhtxiJgFlI7kDSzVgW7wWvFAeIg%2BDBKVHmHYsjTF%2B7qdB5x4Pnqv1jqIHfXUDQHwHpeBhanl0rXWZRulhimW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f721b751f05046a-FRA
expires
Sun, 04 Aug 2024 14:25:30 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.4.0/
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.4.0/jquery-migrate.min.js?ver=5.8.7
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16eb18d9c6303cdd50ac58db5b2b116c5dcc4c43c89424f268f6d13fc599fb19
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
506639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4305
last-modified
Thu, 22 Jun 2023 11:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1a-10d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6dD%2BHnSV8aoAJYRFmFVxZGCdVauzriAuSJSXmTzKVvBcI3RerUDjSW%2Fo1AaDNCIfzqjyv1UJaPROfgw6c2uRMJh9VRreSfqO2EQGfBDGO792qRstpoXFezRTEJ5bE1yPE7MvjN8WpzzXyPLJf8D4W0w"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f721b75bfcc046a-FRA
expires
Sun, 04 Aug 2024 14:25:30 GMT
simplebar.js
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/external/
36 KB
10 KB
Script
General
Full URL
https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/external/simplebar.js?ver=4751
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
6f74cd5afbfe6fab11489dfcc70fb996ccd7b3dc935927d7402aa285d9692207

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 13:37:29 GMT
server
nginx
etag
W/"62ebcb99-8e7c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
asl-prereq.js
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/
19 KB
6 KB
Script
General
Full URL
https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4751
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
202ee5b585222e2c8660b175f70624ec845320e95ec306ede1e9ad6ca12ec453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 13:37:29 GMT
server
nginx
etag
W/"62ebcb99-4c8e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
asl-core.js
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/
37 KB
10 KB
Script
General
Full URL
https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4751
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
5d2daebf3aef880f90c88253bcd48338de8886ee772559966c2594fae8e14e3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 13:37:29 GMT
server
nginx
etag
W/"62ebcb99-93c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
asl-results-vertical.js
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/
1 KB
841 B
Script
General
Full URL
https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4751
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
ece88845d2c0a327f6a7957ec596d1014820fbfb62b31a13b8152a28dbd41bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 13:37:29 GMT
server
nginx
etag
W/"62ebcb99-594"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
asl-load.js
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/
71 B
242 B
Script
General
Full URL
https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4751
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 13:37:29 GMT
server
nginx
etag
W/"62ebcb99-47"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
asl-wrapper.js
wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/
5 KB
2 KB
Script
General
Full URL
https://wicked.tours/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4751
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
c2c2302b5ee2629a243e633d6b69610fd35586ccd25f9402332ee496b51ceb3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 13:37:29 GMT
server
nginx
etag
W/"62ebcb99-129d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
home_78e954f1.js
wicked.tours/wp-content/themes/gondola-wp/dist/scripts/
172 KB
53 KB
Script
General
Full URL
https://wicked.tours/wp-content/themes/gondola-wp/dist/scripts/home_78e954f1.js?ver=5.8.7
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
3cb7726e8b79b35609c0d579d23fb32d887e54564d1318aaa21a09fc158fd163

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Sun, 13 Aug 2023 10:41:32 GMT
server
nginx
etag
W/"64d8b35c-2b1e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
lazyload.min.js
wicked.tours/wp-content/plugins/rocket-lazy-load/assets/js/16.1/
8 KB
3 KB
Script
General
Full URL
https://wicked.tours/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 11:27:06 GMT
server
nginx
etag
W/"627a4c0a-1ed2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
css2
fonts.googleapis.com/
5 KB
696 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@200;400;700&display=swap
Requested by
Host: wicked.tours
URL: https://wicked.tours/wp-content/themes/gondola-wp/dist/styles/home_78e954f1.css?ver=5.8.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10c98bbc33a05850d696fe3510360cf317ccbd9b2456f754072fba7c8bb7eb0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 14:23:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 14:25:30 GMT
gtm.js
www.googletagmanager.com/
205 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54TM3L
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
603a0da2e08b8a30266cfccdde6038b9cd9aee11cd0af49fbda79dc2d1028271
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74332
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Aug 2023 14:25:30 GMT
api.min.js
a.omappapi.com/app/js/
53 KB
19 KB
Script
General
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
34f6f75ebed9d8ada5d33eb94f0d79feccb051e308897da31e96cc0751582878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
br
cdn-edgestorageid
1080
perma-cache
HIT
cdn-storageserver
DE-676
cdn-cachedat
08/14/2023 18:43:02
cdn-pullzone
293267
last-modified
Mon, 14 Aug 2023 18:43:02 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
588
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64da75b6-d3b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
fe4bb05ffead775a49102787e3c56810
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
Wicked-WIne-Tours-Kelowna-150-1280x778.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2022/12/
195 KB
195 KB
Image
General
Full URL
https://wicked.tours/wp-content/uploads/sites/459/2022/12/Wicked-WIne-Tours-Kelowna-150-1280x778.jpeg.webp
Requested by
Host: wicked.tours
URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
e5e3d6fdd78fb14597e2501ec74b3d5c730d13a2e6718a18a8639e43cdc9d34e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
last-modified
Sat, 05 Aug 2023 15:13:45 GMT
server
nginx
etag
"64ce6729-30a16"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
199190
sh4.jpeg.webp
wicked.tours/wp-content/uploads/sites/459/2022/10/
349 KB
349 KB
Image
General
Full URL
https://wicked.tours/wp-content/uploads/sites/459/2022/10/sh4.jpeg.webp
Requested by
Host: wicked.tours
URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
bdd6e29b3886816b933e6c994cf33b6f01d7239a484b844c676c473bc53bfc83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
last-modified
Sat, 05 Aug 2023 15:13:47 GMT
server
nginx
etag
"64ce672b-57298"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
357016
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wicked.tours
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 20:44:11 GMT
x-content-type-options
nosniff
age
63679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Aug 2024 20:44:11 GMT
Wicked-WIne-Tours-Kelowna-149-scaled-e1687731432851-2000x411.jpg.webp
wicked.tours/wp-content/uploads/sites/459/2023/06/
93 KB
93 KB
Image
General
Full URL
https://wicked.tours/wp-content/uploads/sites/459/2023/06/Wicked-WIne-Tours-Kelowna-149-scaled-e1687731432851-2000x411.jpg.webp
Requested by
Host: wicked.tours
URL: https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
a46da94dfac27524612777c4490056d31db2b35c757b6da2b82537602ea3a022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/wp-content/uploads/sites/459/gondola-custom-css/gondola-custom-css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
last-modified
Sat, 05 Aug 2023 15:13:47 GMT
server
nginx
etag
"64ce672b-173d8"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
95192
api.min.css
a.omappapi.com/app/js/
10 KB
3 KB
Stylesheet
General
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
721cc9150c432bbc0b113c4fb7c04e920d1392cc7b53bb17c233758faecdc500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
br
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-679
cdn-cachedat
08/14/2023 18:43:53
cdn-pullzone
293267
last-modified
Mon, 14 Aug 2023 18:42:55 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64da75af-2644"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
079ccdc4155b64fb9c56f131dfbb63b7
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
27313
api.omappapi.com/v2/embed/
227 B
825 B
XHR
General
Full URL
https://api.omappapi.com/v2/embed/27313?d=wicked.tours
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-48.muc50.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
via
1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
x-cache-config
0 0
x-amz-cf-pop
MUC50-C1
x-cache-status
HIT
x-cache
Miss from cloudfront
content-length
227
x-optinmonster-account
1132
x-user-agent
standard--
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
Pagely Gateway/1.5.1
etag
"b91e5dc54e033e761837b7b846da520f"
vary
Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
x-amz-cf-id
Vmk_1RGacJTK_j5FKIOTf4H1QxQpyLXhPadO93BXdZxcQQ_u4VKpuQ==
expires
Tue, 15 Aug 2023 14:21:52 GMT
categories
wicked.tours/wp-json/wp/v2/
5 KB
2 KB
XHR
General
Full URL
https://wicked.tours/wp-json/wp/v2/categories
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
2b876dabb5630dc9676455815d153c597bd056c287fde55b56971c6e288e8078
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
Vw8GVVBWARAFUFdQBgQHUFQ=
tracestate
3914659@nr=0-1-3914659-601386332-1ca503a3b493aebc----1692109530722
traceparent
00-1f90196e383e47e8f9ca8ece9a4ab600-1ca503a3b493aebc-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MTQ2NTkiLCJhcCI6IjYwMTM4NjMzMiIsImlkIjoiMWNhNTAzYTNiNDkzYWViYyIsInRyIjoiMWY5MDE5NmUzODNlNDdlOGY5Y2E4ZWNlOWE0YWI2MDAiLCJ0aSI6MTY5MjEwOTUzMDcyMn19
Accept
*/*
Referer
https://wicked.tours/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-length
1646
x-wp-doingitwrong
register_rest_route (since 5.5.0; The REST API route definition for <code>wp/v2/sites/delete/?(?P<blog_id>\d+)?</code> is missing the required <code>permission_callback</code> argument. For REST API routes that are intended to be public, use <code>__return_true</code> as the permission callback.)
server
nginx
x-wp-totalpages
1
allow
GET
vary
Origin,Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=0
x-wp-total
3
x-robots-tag
noindex
link
<https://wicked.tours/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires
Tue, 15 Aug 2023 14:25:30 GMT
WickedTours_Logo_RGB_DarkonLight-4.jpg.webp
wicked.tours/wp-content/uploads/sites/459/2023/07/
5 KB
5 KB
Image
General
Full URL
https://wicked.tours/wp-content/uploads/sites/459/2023/07/WickedTours_Logo_RGB_DarkonLight-4.jpg.webp
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
79796fbb26ba2657716333085f5f97f70907d487be8186afb6d1b3882c698a1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
last-modified
Mon, 10 Jul 2023 23:28:22 GMT
server
nginx
etag
"64ac9416-12a8"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4776
verify.png
wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/
4 KB
4 KB
Image
General
Full URL
https://wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/verify.png
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
b3ff07a3bed2a2caf71349a34d93f15630b6caee6ca625d8a0a45c1e021b6aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
last-modified
Sun, 13 Aug 2023 10:44:43 GMT
server
nginx
etag
"64d8b41b-e20"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3616
AD_cMMQm6Woi87rJWbW6GiWmr1NKWFSa8wpN-d-dhumDKs38AJ8=s240-c-rp-mo-br100
lh3.googleusercontent.com/a-/
95 KB
96 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a-/AD_cMMQm6Woi87rJWbW6GiWmr1NKWFSa8wpN-d-dhumDKs38AJ8=s240-c-rp-mo-br100
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dd81c839f6bbdf3864d1bc8fa792f6eb8ae4629302517793f5114d798bc24d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:25 GMT
x-content-type-options
nosniff
age
5
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97627
x-xss-protection
0
server
fife
etag
"v127"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 16 Aug 2023 14:25:25 GMT
AAcHTtfqTQie9PIU54WFjZdRHNYqiLm9AuBv_jRxh3qH4VnJ=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/
8 KB
8 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/AAcHTtfqTQie9PIU54WFjZdRHNYqiLm9AuBv_jRxh3qH4VnJ=s240-c-rp-mo-br100
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
07a89f1baa671136d0524bcb903f60cd582014343f30f13ed8a03e2193d4ef6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:25 GMT
x-content-type-options
nosniff
server
fife
age
5
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8260
x-xss-protection
0
expires
Wed, 16 Aug 2023 14:25:25 GMT
AAcHTteUGKFU09V1W-Ly5Yg--4NEVbDKOqtjKawUXly-8hv8=s240-c-rp-mo-br100
lh3.googleusercontent.com/a/
8 KB
8 KB
Image
General
Full URL
https://lh3.googleusercontent.com/a/AAcHTteUGKFU09V1W-Ly5Yg--4NEVbDKOqtjKawUXly-8hv8=s240-c-rp-mo-br100
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
75e7ad438810e9ade0ab14db06b6b89bc60dd37269947ce8e9d333fcf879b2cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:25 GMT
x-content-type-options
nosniff
server
fife
age
5
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8057
x-xss-protection
0
expires
Wed, 16 Aug 2023 14:25:25 GMT
5.78b36768.min.js
a.omappapi.com/app/js/
16 KB
6 KB
Script
General
Full URL
https://a.omappapi.com/app/js/5.78b36768.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
7680e45da3168c3240c3287c1f14af99ca941299901de2aae917a0f5c4d6a3d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
br
cdn-edgestorageid
1082
perma-cache
HIT
cdn-storageserver
DE-677
cdn-cachedat
08/13/2023 19:53:52
cdn-pullzone
293267
last-modified
Mon, 31 Jul 2023 21:41:16 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
382
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64c82a7c-4140"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
31581f28c9b66993754283435a59ee14
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 15 Aug 2023 13:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2147
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 15 Aug 2023 15:49:43 GMT
fbevents.js
connect.facebook.net/en_US/
172 KB
47 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 15 Aug 2023 14:25:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47245
x-xss-protection
0
pragma
public
x-fb-debug
WYt1eZQ7+o76HLJnCwLgyUYMB1xK2KEFMqGbepkrzrOb5RqjOMtHUPYxVtor5kbloONgBN7IpWoEkBbdfQjiTA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
247 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
125b2b721979b40f78aa7f29e2420df09e9e8c6f7ca37089c4a73e28d1b0819d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85844
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 15 Aug 2023 14:25:30 GMT
index.js
tomis-bot.firebaseapp.com/
175 KB
42 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/index.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d011bda44d9e1fd64ef2a638bf283db569f0c1bce9a3e2699a49fdbe72db0eee
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230080-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:30 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.948764,VS0,VE1
etag
"56b515efbd77e4ae3fa64ba0c615a6b7f52df65a8df6ea88343c3136540ea4d4-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42342
x-cache-hits
1
585564213285457
connect.facebook.net/signals/config/
383 KB
110 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/585564213285457?v=2.9.123&r=stable
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3eaeaa2159e4c3152227020a9f178c948ff91ad088c4d99eab2a14e6096361c5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 15 Aug 2023 14:25:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Puv4sJGA31mAslwVfLVqPf9gmUzLAQ4pNyuLjPpJ4UK8X+G65PpJu5Q+QJeEhcIWT4WIgkCmY5Xl5QAoNsqZAw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
google-reviews.png
wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/
62 KB
62 KB
Image
General
Full URL
https://wicked.tours/wp-content/themes/gondola-wp/resources/assets/images/google-reviews.png
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.113.156 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
624165.cloudwaysapps.com
Software
nginx /
Resource Hash
2cca9425a6cfd78413a633f610ae0c99c2406515ef867b0c65c01393df4c6e3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Sun, 13 Aug 2023 10:44:43 GMT
server
nginx
etag
"64d8b41b-f7ba"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
63418
amplitude-5.2.2-min.gz.js
cdn.amplitude.com/libs/
54 KB
18 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.61.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-61-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:51:56 GMT
content-encoding
gzip
via
1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront)
x-amz-version-id
aZB1RIRJqET7nosqRtOBVideRuh0jIV6
x-amz-cf-pop
AMS1-P2
age
7306416
x-cache
Hit from cloudfront
content-length
17889
last-modified
Mon, 21 Oct 2019 15:45:34 GMT
server
AmazonS3
etag
"b568e7b3c9d94da6a1d4845b18400f7a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cZlRHWDP2MfHVk1whPawjUwlIuTo0XQxaNTf04EukHx63Af-WOxhQg==
index.html
tomis-bot.firebaseapp.com/tomis-device-id/ Frame 4EF7
544 B
312 B
Document
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e2aadc0e6fc0ed3479693cfd25125bc7a671188d9b652cf654fcaf1a75ad89d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://wicked.tours/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
181
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 14:25:30 GMT
etag
"e1b39ad87edce2fae73af2c26d2073f22df4ea5c749e56dcf542d89e73907c10-br"
last-modified
Wed, 31 May 2023 18:31:58 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230080-FRA
x-timer
S1692109531.995796,VS0,VE2
setupBot.434df5a7.js
tomis-bot.firebaseapp.com/
12 KB
3 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/setupBot.434df5a7.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
556471e06016bae630eecc5ea5d99313e28f931c1a60261d3ee0042a2f63288f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230080-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:30 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.995742,VS0,VE3
etag
"3cb01104fafd65dd947edc6afba050d10e5f0055201a8a28a278befa91a706f1-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3298
x-cache-hits
1
setupBot.f16d9c79.js
tomis-bot.firebaseapp.com/
7 KB
2 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/setupBot.f16d9c79.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
deac51a86192d922ceac425210427bb85c528055c35230237e306e3dd2d5fa93
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230080-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:30 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.994611,VS0,VE1
etag
"e6930a622fcb45415a0379b21556de274351dde5c7116fdd26934d3aa83b845b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2026
x-cache-hits
1
setupBot.52feaaa3.js
tomis-bot.firebaseapp.com/
5 KB
2 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/setupBot.52feaaa3.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a107f2501219f43504bcc5dc42fc44c92768698b5f54348c24be8aecc1dba0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230080-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:30 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.994585,VS0,VE1
etag
"f9ed51ed900658ac853fe881c5d3313c8ec6c01bdf2a0141c685a77e5ec944a1-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1842
x-cache-hits
1
index.html
tomis-bot.firebaseapp.com/tomis-device-id/ Frame D77B
544 B
245 B
Document
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e2aadc0e6fc0ed3479693cfd25125bc7a671188d9b652cf654fcaf1a75ad89d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://wicked.tours/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
181
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 14:25:30 GMT
etag
"e1b39ad87edce2fae73af2c26d2073f22df4ea5c749e56dcf542d89e73907c10-br"
last-modified
Wed, 31 May 2023 18:31:58 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
2
x-served-by
cache-fra-eddf8230080-FRA
x-timer
S1692109531.997767,VS0,VE0
collect
region1.analytics.google.com/g/
0
252 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-G2TMJJ58WS&gtm=45je3890&_p=754747545&_gaz=1&cid=1453574948.1692109531&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1692109531&sct=1&seg=0&dl=https%3A%2F%2Fwicked.tours%2F&dt=Award%20Winning%20Kelowna%20Wine%20Tours%20%7C%20Wicked%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wicked.tours
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
252 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G2TMJJ58WS&cid=1453574948.1692109531&gtm=45je3890&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2TMJJ58WS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wicked.tours
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G2TMJJ58WS&cid=1453574948.1692109531&gtm=45je3890&aip=1&z=1911019287
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.e146ab76.js
tomis-bot.firebaseapp.com/bot/ Frame 4EF7
12 KB
4 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/bot/index.e146ab76.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d41728b2940bb85ef1dd4562b95844c4c82e9c30ff4c076437eab1908e7651c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.051128,VS0,VE1
etag
"2df833f3ad2d93bfba0d556f89fffe85e82b363a20d0987fc104a2301d76fe0e-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3864
x-cache-hits
1
index.8ba329e9.js
tomis-bot.firebaseapp.com/tomis-device-id/ Frame 4EF7
772 B
748 B
Script
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.8ba329e9.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57f2981e603f0c4f61f0a69a34093689941ea83b34ad127ece1f2a0d3ca4f8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.051425,VS0,VE10
etag
"dedb4dd75a790f7d086174ad48ecb3d06d165cf5e01245be4017dff4d9f4ed4c-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
397
x-cache-hits
1
index.e146ab76.js
tomis-bot.firebaseapp.com/bot/ Frame D77B
12 KB
4 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/bot/index.e146ab76.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d41728b2940bb85ef1dd4562b95844c4c82e9c30ff4c076437eab1908e7651c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.052474,VS0,VE0
etag
"2df833f3ad2d93bfba0d556f89fffe85e82b363a20d0987fc104a2301d76fe0e-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3864
x-cache-hits
2
index.8ba329e9.js
tomis-bot.firebaseapp.com/tomis-device-id/ Frame D77B
772 B
748 B
Script
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.8ba329e9.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57f2981e603f0c4f61f0a69a34093689941ea83b34ad127ece1f2a0d3ca4f8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.052813,VS0,VE9
etag
"dedb4dd75a790f7d086174ad48ecb3d06d165cf5e01245be4017dff4d9f4ed4c-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
397
x-cache-hits
2
collect
www.google-analytics.com/j/
15 B
219 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=754747545&t=pageview&_s=1&dl=https%3A%2F%2Fwicked.tours%2F&ul=en-us&de=UTF-8&dt=Award%20Winning%20Kelowna%20Wine%20Tours%20%7C%20Wicked%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAIC~&jid=1208496918&gjid=280202793&cid=1453574948.1692109531&tid=UA-11247999-2&_gid=1724714435.1692109531&_slc=1&gtm=45He3890n7154TM3L&z=1788377142
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
37c3246190bb092843330a405aa9200c7456b312970da6328d05aed54bd8b14d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wicked.tours/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wicked.tours
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11247999-2&cid=1453574948.1692109531&jid=1208496918&gjid=280202793&_gid=1724714435.1692109531&_u=YCDAiEABBAAAAGAAIC~&z=456761735
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wicked.tours/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 15 Aug 2023 14:25:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wicked.tours
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
3457756354483018
connect.facebook.net/signals/config/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/3457756354483018?v=2.9.123&r=stable
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0286a2d3f06b9aa68ec982d037056b12acb104127ee3483d1ddea57970ab87c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 15 Aug 2023 14:25:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
wsn+NCw6C8LmwmMBzUA950fDBg5nt5d5S2nmIwfvJia4r9OPtIAe5lG0wpupg+2P/kCYvIe5k6Z+9NyNiFa+nQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=585564213285457&ev=PageView&dl=https%3A%2F%2Fwicked.tours%2F&rl=&if=false&ts=1692109531159&sw=1600&sh=1200&v=2.9.123&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1692109531157.1399722539&cs_est=true&it=1692109530964&coo=false&rqm=GET
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 15 Aug 2023 14:25:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11247999-2&cid=1453574948.1692109531&jid=1208496918&_u=YCDAiEABBAAAAGAAIC~&z=1568970411
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11247999-2&cid=1453574948.1692109531&jid=1208496918&_u=YCDAiEABBAAAAGAAIC~&z=1568970411
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tomis-bot.firebaseapp.com/tomis-device-id/ Frame D813
544 B
506 B
Document
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e2aadc0e6fc0ed3479693cfd25125bc7a671188d9b652cf654fcaf1a75ad89d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://wicked.tours/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
181
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 14:25:31 GMT
etag
"e1b39ad87edce2fae73af2c26d2073f22df4ea5c749e56dcf542d89e73907c10-br"
last-modified
Wed, 31 May 2023 18:31:58 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
2
x-served-by
cache-fra-eddf8230039-FRA
x-timer
S1692109531.169675,VS0,VE0
index.html
tomis-bot.firebaseapp.com/tomis-device-id/ Frame FFF9
544 B
506 B
Document
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e2aadc0e6fc0ed3479693cfd25125bc7a671188d9b652cf654fcaf1a75ad89d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://wicked.tours/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
181
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 14:25:31 GMT
etag
"e1b39ad87edce2fae73af2c26d2073f22df4ea5c749e56dcf542d89e73907c10-br"
last-modified
Wed, 31 May 2023 18:31:58 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
3
x-served-by
cache-fra-eddf8230039-FRA
x-timer
S1692109531.173713,VS0,VE0
index.e146ab76.js
tomis-bot.firebaseapp.com/bot/ Frame D813
12 KB
4 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/bot/index.e146ab76.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d41728b2940bb85ef1dd4562b95844c4c82e9c30ff4c076437eab1908e7651c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.191425,VS0,VE0
etag
"2df833f3ad2d93bfba0d556f89fffe85e82b363a20d0987fc104a2301d76fe0e-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3864
x-cache-hits
3
index.8ba329e9.js
tomis-bot.firebaseapp.com/tomis-device-id/ Frame D813
772 B
748 B
Script
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.8ba329e9.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57f2981e603f0c4f61f0a69a34093689941ea83b34ad127ece1f2a0d3ca4f8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.191559,VS0,VE0
etag
"dedb4dd75a790f7d086174ad48ecb3d06d165cf5e01245be4017dff4d9f4ed4c-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
397
x-cache-hits
3
js
www.googletagmanager.com/gtag/
233 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QR38R8B9EV&cx=c&_slc=1
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2cc9ba5c1b5f382a6e73e49870386882e5a586994b475c20607ebf0669119ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82991
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 15 Aug 2023 14:25:31 GMT
index.e146ab76.js
tomis-bot.firebaseapp.com/bot/ Frame FFF9
12 KB
4 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/bot/index.e146ab76.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d41728b2940bb85ef1dd4562b95844c4c82e9c30ff4c076437eab1908e7651c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.196526,VS0,VE0
etag
"2df833f3ad2d93bfba0d556f89fffe85e82b363a20d0987fc104a2301d76fe0e-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3864
x-cache-hits
4
index.8ba329e9.js
tomis-bot.firebaseapp.com/tomis-device-id/ Frame FFF9
772 B
748 B
Script
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.8ba329e9.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57f2981e603f0c4f61f0a69a34093689941ea83b34ad127ece1f2a0d3ca4f8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.196637,VS0,VE0
etag
"dedb4dd75a790f7d086174ad48ecb3d06d165cf5e01245be4017dff4d9f4ed4c-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
397
x-cache-hits
4
/
api.amplitude.com/
7 B
206 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.38.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-38-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wicked.tours/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-64db8adb-2e0cb38b7e2dfa863b6396d1
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
index.html
tomis-bot.firebaseapp.com/bot/ Frame 88C7
999 B
668 B
Document
General
Full URL
https://tomis-bot.firebaseapp.com/bot/index.html?site=wicked-wine-tours&initialParentWidth=1600&initialParentHeight=1200
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c607ccf9021b43e43246c2131cd5701949626e1e39f458fc0f21ca020b1c116
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://wicked.tours/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
341
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 14:25:31 GMT
etag
"9f93dc6765c9761ad4fd182384bb72853419ddc0d99cdd983923f22ff40e88c8-br"
last-modified
Wed, 31 May 2023 18:31:58 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-eddf8230039-FRA
x-timer
S1692109531.226299,VS0,VE1
index.9789028d.css
tomis-bot.firebaseapp.com/bot/ Frame 88C7
60 KB
26 KB
Stylesheet
General
Full URL
https://tomis-bot.firebaseapp.com/bot/index.9789028d.css
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.html?site=wicked-wine-tours&initialParentWidth=1600&initialParentHeight=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
324c74f7c2c2e9f6d2d2492c52b072aeb668df481db7b3affe019aeafd146b65
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/bot/index.html?site=wicked-wine-tours&initialParentWidth=1600&initialParentHeight=1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.236370,VS0,VE1
etag
"d5c6f8b8517660cf2059469267f4c8c6b604eae91db820a0a3b46d0a0479ddfa-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26010
x-cache-hits
1
index.e146ab76.js
tomis-bot.firebaseapp.com/bot/ Frame 88C7
12 KB
4 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/bot/index.e146ab76.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.html?site=wicked-wine-tours&initialParentWidth=1600&initialParentHeight=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d41728b2940bb85ef1dd4562b95844c4c82e9c30ff4c076437eab1908e7651c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/bot/index.html?site=wicked-wine-tours&initialParentWidth=1600&initialParentHeight=1200
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.236523,VS0,VE0
etag
"2df833f3ad2d93bfba0d556f89fffe85e82b363a20d0987fc104a2301d76fe0e-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3864
x-cache-hits
5
js
www.googletagmanager.com/gtag/ Frame 88C7
222 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YT7KJT8ZQC
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.html?site=wicked-wine-tours&initialParentWidth=1600&initialParentHeight=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
abd0ca144f024a6f8a32b44eea053b5e34ebb6ec51c7911c6e32c3d8a6a40e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79107
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 15 Aug 2023 14:25:31 GMT
index.8396c700.js
tomis-bot.firebaseapp.com/bot/ Frame 88C7
2 MB
343 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.html?site=wicked-wine-tours&initialParentWidth=1600&initialParentHeight=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb7d7a75065631dda866ff45ac085057bec17b08dbcd43fc537d66a8b6188c56
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/bot/index.html?site=wicked-wine-tours&initialParentWidth=1600&initialParentHeight=1200
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109531.236656,VS0,VE2
etag
"03d1b8e9ecd646910b790d60fb588b32c09a70e5422e92dfc22bcc5910a4df4b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
350782
x-cache-hits
1
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=3457756354483018&ev=PageView&dl=https%3A%2F%2Fwicked.tours%2F&rl=&if=false&ts=1692109531281&sw=1600&sh=1200&v=2.9.123&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1692109531157.1399722539&it=1692109530964&coo=false&rqm=GET
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 15 Aug 2023 14:25:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QR38R8B9EV&gtm=45je3890&_p=754747545&_gaz=1&ul=en-us&sr=1600x1200&cid=1453574948.1692109531&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwicked.tours%2F&dt=Award%20Winning%20Kelowna%20Wine%20Tours%20%7C%20Wicked%20Tours&sid=1692109531&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QR38R8B9EV&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wicked.tours
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QR38R8B9EV&cid=1453574948.1692109531&gtm=45je3890&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QR38R8B9EV&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wicked.tours
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QR38R8B9EV&cid=1453574948.1692109531&gtm=45je3890&aip=1&z=250155830
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amplitude-5.2.2-min.gz.js
cdn.amplitude.com/libs/ Frame 88C7
54 KB
18 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.61.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-61-65.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:51:56 GMT
content-encoding
gzip
via
1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront)
x-amz-version-id
aZB1RIRJqET7nosqRtOBVideRuh0jIV6
x-amz-cf-pop
AMS1-P2
age
7306416
x-cache
Hit from cloudfront
content-length
17889
last-modified
Mon, 21 Oct 2019 15:45:34 GMT
server
AmazonS3
etag
"b568e7b3c9d94da6a1d4845b18400f7a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
w-13TLDyNywVbp1GtV6zMrgsTO4pxNwP4fzQZ2ib5vagjBszLcGTeA==
index.html
tomis-bot.firebaseapp.com/tomis-device-id/ Frame 31D3
544 B
506 B
Document
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e2aadc0e6fc0ed3479693cfd25125bc7a671188d9b652cf654fcaf1a75ad89d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://wicked.tours/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
181
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 14:25:31 GMT
etag
"e1b39ad87edce2fae73af2c26d2073f22df4ea5c749e56dcf542d89e73907c10-br"
last-modified
Wed, 31 May 2023 18:31:58 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
4
x-served-by
cache-fra-eddf8230039-FRA
x-timer
S1692109532.553729,VS0,VE0
js
www.googletagmanager.com/gtag/ Frame 88C7
240 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W7MK7RTR55&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YT7KJT8ZQC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
965880885e47a81d7ec43755c300429960cf0e9b30d01cf68dee9f0ebb6970bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83811
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 15 Aug 2023 14:25:31 GMT
index.e146ab76.js
tomis-bot.firebaseapp.com/bot/ Frame 31D3
12 KB
4 KB
Script
General
Full URL
https://tomis-bot.firebaseapp.com/bot/index.e146ab76.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d41728b2940bb85ef1dd4562b95844c4c82e9c30ff4c076437eab1908e7651c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109532.574150,VS0,VE0
etag
"2df833f3ad2d93bfba0d556f89fffe85e82b363a20d0987fc104a2301d76fe0e-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3864
x-cache-hits
6
index.8ba329e9.js
tomis-bot.firebaseapp.com/tomis-device-id/ Frame 31D3
772 B
748 B
Script
General
Full URL
https://tomis-bot.firebaseapp.com/tomis-device-id/index.8ba329e9.js
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57f2981e603f0c4f61f0a69a34093689941ea83b34ad127ece1f2a0d3ca4f8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://tomis-bot.firebaseapp.com/tomis-device-id/index.html
Origin
https://tomis-bot.firebaseapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230039-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 15 Aug 2023 14:25:31 GMT
last-modified
Wed, 31 May 2023 18:31:58 GMT
x-timer
S1692109532.574185,VS0,VE0
etag
"dedb4dd75a790f7d086174ad48ecb3d06d165cf5e01245be4017dff4d9f4ed4c-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
397
x-cache-hits
5
/
us-central1-tomis-bot.cloudfunctions.net/getTokenFromDeviceId/ Frame
0
0
Preflight
General
Full URL
https://us-central1-tomis-bot.cloudfunctions.net/getTokenFromDeviceId/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-TWILIO-SIGNATURE, Content-Type, x-api-key
access-control-allow-methods
POST, OPTIONS, PUT, GET
access-control-allow-origin
https://tomis-bot.firebaseapp.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 15 Aug 2023 14:25:31 GMT
function-execution-id
cx66lbf682d3
server
Google Frontend
x-cloud-trace-context
83e08b1863fd395c7db18dd48292047a
/
us-central1-tomis-bot.cloudfunctions.net/getTokenFromDeviceId/ Frame 88C7
806 B
755 B
Fetch
General
Full URL
https://us-central1-tomis-bot.cloudfunctions.net/getTokenFromDeviceId/
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
a7a7d3d17cc015035034026bb135a26219c04460726840c00c1e2284a207804e

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Aug 2023 14:25:31 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"326-Qc1YHEIJvA9ry6WIIeGTSm4/zcI"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
x-cloud-trace-context
e184d3b139a84aa5be77f859a35efcc6
cache-control
private
access-control-allow-credentials
true
function-execution-id
cx66s6xq77jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
584
async-api.e9f77430-1.237.1.min.js
js-agent.newrelic.com/
3 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/async-api.e9f77430-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
370a9e517ef0694db38a18b53a46711e1461912f0074f024db5373ff946fc894
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
Nnzi3DxfGlFxxxaHTHoVoaEtXaaSwSj1
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
FGM44G2H3T95M0RG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1384
x-amz-id-2
pYMoGKzxpzTDzhmdjTgFG5JFai/unv5XW+Eo4tyfxeb6QhVr+NUuCnGsSPtGwjMZeEidI8tMaCw=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1692109532.695027,VS0,VE0
etag
"193a6d6f02af9cfb9888de413246e90b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2010
860.95a91211-1.237.1.min.js
js-agent.newrelic.com/
14 KB
5 KB
Script
General
Full URL
https://js-agent.newrelic.com/860.95a91211-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0aee72df00de1dcfe4d631dd2a72979cee0e756ef7e243b2799856582c44557
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
EoQgbqtiNktUFHe2XcVVByjJaUw3xjmB
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
FGME0EFST6A5NB5B
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5422
x-amz-id-2
Th5W14ONfFa1hPkjGXdAwsnAcmTWbhXtOnkYTgyxzqjdHoN5/7oAlCp3nkLVz675UvH0slqFSN0=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1692109532.695170,VS0,VE0
etag
"b550851fb79f7d61442ca34a6120ac44"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2022
session-manager.d080e4cc-1.237.1.min.js
js-agent.newrelic.com/
1 KB
913 B
Script
General
Full URL
https://js-agent.newrelic.com/session-manager.d080e4cc-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
oaOpBoY_R0Emmn1D4qOBGa8Bli_CwZsc
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
FGM1T0AT17NVAZ13
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
686
x-amz-id-2
O6L3Ip1/4vY5L1/soaX8sXkNC/gXPkvDfaja4IcpjlxbDAWhaXoBV8SjiDx7hZYgttdDgTYrt4U=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1692109532.695160,VS0,VE0
etag
"a097cb2068fb2d63e521cacf139c921d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1825
/
www.facebook.com/tr/ Frame 9228
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://wicked.tours
Referer
https://wicked.tours/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://wicked.tours
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 14:25:31 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
lazy-feature-loader.c1052c27-1.237.1.min.js
js-agent.newrelic.com/
1 KB
867 B
Script
General
Full URL
https://js-agent.newrelic.com/lazy-feature-loader.c1052c27-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f51d7bb4a7314fbd42bd5a2cec23adcfd23441c6539c3437cac22bc10c285a5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
4gplzRtxWsISTBSfvxcHM2iQ7IWskafp
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
FGMFHKA8BCZDAHJD
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
422
x-amz-id-2
b1C6Hx7FixjbCwFIc+5ICMs9iLzGLUJtTJaIbhcfAT1kfqQ6k4sioRXp5G7/iX9xorqroX6uKSI=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1692109532.709679,VS0,VE0
etag
"e2a4dffecb3f725ca685cfc37cc223f8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1787
646.9e7a6b8d-1.237.1.min.js
js-agent.newrelic.com/
8 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/646.9e7a6b8d-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de72c7056110de6c12aefd6fedb26a0e323d4cfab62d84c64db52e168af372e5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
J93EXw1eqMtGdXxiO91RJ8N7Vb2Flihy
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VJ869YA1CC3394
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3460
x-amz-id-2
7fIhRwbqln0AFC4AK5A665eA4jDD4mVUfLc87VlErCNtrPMQrbVJjBEkcCgJ8km/2QVNwyxyw+E=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1692109532.719224,VS0,VE0
etag
"ec83dba32689d4a796844e10a31121ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1173
page_view_event-aggregate.4988d952-1.237.1.min.js
js-agent.newrelic.com/
11 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.4988d952-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7662a5a8640648c39b824f101e232d34b73499503492d05394988f00ab79f1b4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
97KO3uF7bK0xbSFbyTLOB.IfHKJDnJRG
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VRE94K7XRRMEKF
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4294
x-amz-id-2
Yz1zUSno2wNxfKe4XnAb95sfluvgftG6IT0ySvYWfSXH/AG7aUpLcOpFzZakSBkiNwYvHyaC5gk=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1692109532.719211,VS0,VE0
etag
"82daa027f82e87cd1c2fdffd51598981"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1795
page_view_timing-aggregate.7b2a53ee-1.237.1.min.js
js-agent.newrelic.com/
15 KB
6 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.7b2a53ee-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1c8bf8b428570336332bf63dd4efaf9e41b95dd4d83e324592d87d3042f747e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
9V3_HBwcuGR4s0SRIPY4jJi2AWvILXpO
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VYTC65XAS3WA5V
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5638
x-amz-id-2
2WR1q1UWLCH5CBEXlilo1jPYP4cR1ZF8dL5IU8GOnsi9ZlRtZC6OgyISGCycUyId7zIRsJp8hpc=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1692109532.719965,VS0,VE0
etag
"be733f239fd67b0efd24d572dfe8263c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1799
metrics-aggregate.b86cefcf-1.237.1.min.js
js-agent.newrelic.com/
9 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/metrics-aggregate.b86cefcf-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
141c410edab90686e098d4a827e8b79d8c8e295694508ddb4e3003f955127b65
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
dqbxt2r61x_OSAHoWthSPNHI9j_y3Vhk
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VZ3551HKA05NVV
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3060
x-amz-id-2
mwGokb8xilNe2NDwDN/oGsjr0G6h0rybiuYfofj8129iB+pgsDGxKsFVv3svieqzkZFXUjpUfk4=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1692109532.720449,VS0,VE0
etag
"41c470a0065b8af87ec8b24a5a1862ca"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1794
jserrors-aggregate.319b8300-1.237.1.min.js
js-agent.newrelic.com/
9 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.319b8300-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54139966e109c68735a44b35b95246e11cdd5650953f83ddcc313918c1781f1c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
Wqoe0vEV1sR_CfPyr.jdfBzQfelSdNcp
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
737QW07YQQ74X12R
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3788
x-amz-id-2
VqN3uBBQnpKd5WcXnRs60LW6MuuAfS6D/e+AG671IhRVVLWyLdat24y1vUBlvaOQ73hXgtUoTSs=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1692109532.721049,VS0,VE0
etag
"35a3ce136e1282f16781b827a37a89f7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1227
ajax-aggregate.d95c640e-1.237.1.min.js
js-agent.newrelic.com/
7 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/ajax-aggregate.d95c640e-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd5e7c7720684f36bf690799e993f4596a528ddad2d2b0776a44b54f351a346a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
5_bUHwPFgsylfRZgZg9LU_MxHwk2thZV
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VQY4G3XQSMJYF3
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3180
x-amz-id-2
gZkKjU1CwwXSIV0FoCP6NMdIG7v3dgxRy3BYRq1FpoUd84Hoe2pcgjeMPUoNYE1+7h9yo+p4ziI=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1692109532.722091,VS0,VE0
etag
"d560f610f09ecacfa4f67f360dc3de45"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1231
session_trace-aggregate.ac30a1f3-1.237.1.min.js
js-agent.newrelic.com/
12 KB
5 KB
Script
General
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.ac30a1f3-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3311fa9ef47f454f5320d40bcd3f91242131a623ed05fdc413ef3be5c04c99b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
a..pyNDlrB77mwaqeUK7hJqVgFTMus.l
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VY1WTDQM4P56M0
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4723
x-amz-id-2
DxeotEqCmAhFuT4c+imdVjKpUEomTgOvka4uVVqqXSymSQml8uWe9LurQVts8jsT+gPY9kU1gUY=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1692109532.722104,VS0,VE0
etag
"8363afb49dbbbf0e3cead025aa695785"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1227
page_action-aggregate.467f8594-1.237.1.min.js
js-agent.newrelic.com/
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_action-aggregate.467f8594-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c4c64480a62d4461b33a7b3b890215112602eb40ba0c9237f20acda99313da6
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
poxkzUMPnKJ.fArM4f0sbBjh6siyXLRa
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VZ4B5BJF9N7M7F
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1947
x-amz-id-2
eZTsI7uuiEeD9A6gU/g/PuS4oF9ocdVaNldnnaw7vyuI9GpWCq3CDWNTXQbt7qoEztQW5jOulwY=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1692109532.722496,VS0,VE0
etag
"33a909348b29a0c055bef58833261435"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1218
spa-aggregate.550eec7b-1.237.1.min.js
js-agent.newrelic.com/
20 KB
8 KB
Script
General
Full URL
https://js-agent.newrelic.com/spa-aggregate.550eec7b-1.237.1.min.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78b18cfd9628f122a101ef693f21138d554ca7d55ff3c595c4d69c9b420714b4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
yyO9gZPZh3EXOIuKtrznWz3VbTeouUgJ
content-encoding
br
via
1.1 varnish
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VZ4Q908HVWHEF5
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
7763
x-amz-id-2
FPb2G83kvp9Guvab+vZETdM4vaWeQqCvnWUZyPVJUmDk/Oo4UyuZBq/4O4xzVai7Zsv3Pa8Rjss=
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1692109532.722986,VS0,VE0
etag
"22f63f3005d466203719daf86f994001"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
967
NRJS-825139f9dcdc8465e6a
bam.nr-data.net/1/
40 B
461 B
XHR
General
Full URL
https://bam.nr-data.net/1/NRJS-825139f9dcdc8465e6a?a=546215060&v=1.237.1&to=YQBbMBYHWxBSUUwIClhKeAcQD1oNHFtWBQBO&rst=2128&ck=0&s=6b30821d2b5cd443&ref=https://wicked.tours/&af=err,xhr,stn,ins,spa&ap=273&be=599&fe=1466&dc=486&at=TUdYRl4dSB4%3D&perf=%7B%22timing%22:%7B%22of%22:1692109529606,%22n%22:0,%22f%22:0,%22dn%22:3,%22dne%22:28,%22c%22:28,%22s%22:122,%22ce%22:219,%22rq%22:219,%22rp%22:599,%22rpe%22:786,%22di%22:1042,%22ds%22:1044,%22de%22:1085,%22dc%22:2060,%22l%22:2060,%22le%22:2065%7D,%22navigation%22:%7B%7D%7D&fp=970&fcp=970
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer
https://wicked.tours/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 15 Aug 2023 14:25:32 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://wicked.tours
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7f721b7dcfaa4d38-FRA
Content-Length
40
/
api.amplitude.com/
7 B
205 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.38.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-38-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wicked.tours/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 15 Aug 2023 14:25:31 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-64db8adb-7d2ff6b8059e95ee6cccb8d9
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
www.facebook.com/tr/ Frame A134
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://wicked.tours
Referer
https://wicked.tours/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://wicked.tours
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 14:25:31 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
verifyCustomToken
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame
0
0
Preflight
General
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=AIzaSyD_Gfc_7uxkBQCYz7KRAVnUW5-K2gONcEk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version
Access-Control-Request-Method
POST
Origin
https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://tomis-bot.firebaseapp.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 15 Aug 2023 14:25:32 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
verifyCustomToken
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 88C7
1 KB
1 KB
XHR
General
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=AIzaSyD_Gfc_7uxkBQCYz7KRAVnUW5-K2gONcEk
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0930b4aa78db2c30491043f825bae74b3aff1a5f0ea4011bf49f5b49aa77758f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tomis-bot.firebaseapp.com/
X-Client-Version
Chrome/JsCore/8.10.1/FirebaseCore-web
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
837
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
NRJS-825139f9dcdc8465e6a
bam.nr-data.net/resources/1/
36 B
413 B
XHR
General
Full URL
https://bam.nr-data.net/resources/1/NRJS-825139f9dcdc8465e6a?a=546215060&v=1.237.1&to=YQBbMBYHWxBSUUwIClhKeAcQD1oNHFtWBQBO&rst=2486&ck=0&s=6b30821d2b5cd443&ref=https://wicked.tours/&st=1692109529606
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c98853e9accd56ff924db407357d78dda1398e8ca2bee177a995f569866366

Request headers

Referer
https://wicked.tours/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 15 Aug 2023 14:25:32 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://wicked.tours
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7f721b7f99e94d38-FRA
Content-Length
36
NRJS-825139f9dcdc8465e6a
bam.nr-data.net/events/1/
24 B
400 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/NRJS-825139f9dcdc8465e6a?a=546215060&v=1.237.1&to=YQBbMBYHWxBSUUwIClhKeAcQD1oNHFtWBQBO&rst=2492&ck=0&s=6b30821d2b5cd443&ref=https://wicked.tours/
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://wicked.tours/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 15 Aug 2023 14:25:32 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://wicked.tours
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7f721b7fcae730c0-FRA
Content-Length
24
getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame
0
0
Preflight
General
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyD_Gfc_7uxkBQCYz7KRAVnUW5-K2gONcEk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version
Access-Control-Request-Method
POST
Origin
https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://tomis-bot.firebaseapp.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 15 Aug 2023 14:25:32 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 88C7
326 B
253 B
XHR
General
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyD_Gfc_7uxkBQCYz7KRAVnUW5-K2gONcEk
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6291e5ed3b19727db76a95a06fc09e924231eeff946c0734d5a6bc7fb3c228a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tomis-bot.firebaseapp.com/
X-Client-Version
Chrome/JsCore/8.10.1/FirebaseCore-web
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
228
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
54 B
459 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&RID=6308&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F8.10.1%0D%0AContent-Type%3Atext%2Fplain%0D%0AX-Firebase-GMPID%3A1%3A620481618393%3Aweb%3Aa168024425db8ced0979c8%0D%0AAuthorization%3ABearer%20eyJhbGciOiJSUzI1NiIsImtpZCI6IjYzODBlZjEyZjk1ZjkxNmNhZDdhNGNlMzg4ZDJjMmMzYzIzMDJmZGUiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vdG9taXMtYm90IiwiYXVkIjoidG9taXMtYm90IiwiYXV0aF90aW1lIjoxNjkyMTA5NTMyLCJ1c2VyX2lkIjoiNjFkOTcyMjctNDAzMC00NGNhLTkwMmItY2YxM2VlMzcyNzI0Iiwic3ViIjoiNjFkOTcyMjctNDAzMC00NGNhLTkwMmItY2YxM2VlMzcyNzI0IiwiaWF0IjoxNjkyMTA5NTMyLCJleHAiOjE2OTIxMTMxMzIsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnt9LCJzaWduX2luX3Byb3ZpZGVyIjoiY3VzdG9tIn19.dGnHVg67Ftl4eCAAwDxVYEO19hv7kt0IS_cFCWMcWlR4dMobuU2dKFRTw6XjK01j7sOI9nXrO4CtFVaxk3DjBNFKWnpPX32E_UpP4LV4bizdK_NJQcXV5rN2j4Xk1ETPQtW6ChaGorhaoJhoRATLFWS1pbImjS3i7hwwPqOHWNy1IkQplVl3mU21HYlmXCaoI7JX_sSP7-ykJuSWa2QitF_4By5sYB13jF-MMTdnGyzFZTPRNXgthUg6wlyEKNfvQLHUTjeNISA-OEjKbQserzqJyl1ze3OVqK5zxj2kF2akYoqs_RIMA5fJdgNibBjMobQT4lW9OUssXPxYIVvDPQ%0D%0A&zx=kg8eluj0a201&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
03ee9ca32e8355be8431ff8a4fc87b0ab2b935673c73904a147efc1505e6a685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 14:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
17 KB
2 KB
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=0&TYPE=xmlhttp&zx=vypxps2rwjqz&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1437ebe8957a076049efd207d8a9c43598f14e25249317f2859e87fe48aedfab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
hotjar-3290986.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3290986.js?sv=7
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-53.ams50.r.cloudfront.net
Software
/
Resource Hash
5ff46518800229da9a1d43aaf96f10b408cd2e0e0f9d0c0a1102fdafd98206c6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:28 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
5
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/8b82becdd13910eb653dd681c885a823
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
fkz4Me_RhcoBgv9DTz8dgD4oaay6W-0gyHH6IB1_yGHsL63pMi0rSw==
modules.308cbc5043a6046d8664.js
script.hotjar.com/
223 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.308cbc5043a6046d8664.js
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-3.ams54.r.cloudfront.net
Software
/
Resource Hash
618ffdf570f95c960bd38bef0c383c2a4f7fca5255a1baf444152bc59ad6abf1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 13:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4b28b963946514dd2cf9a90f74a8034a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
91287
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55626
last-modified
Mon, 14 Aug 2023 13:03:42 GMT
etag
"d4e78dbdf0d0ca53852434fec94bd7ee"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
0ix7CMMTw4863e1qlQwAXQ-XwHUPvXeXEsnmKicO6OXVGCNDnxSSag==
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
124 B
142 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=4&TYPE=xmlhttp&zx=c6tv3den1qqc&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b5674ff21cd6ab0191b8545cce8c8d435e86716292a379f1cb5004c402004ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
bot_icons%2Fwicked-wine-tours.jpeg
firebasestorage.googleapis.com/v0/b/tomis-bot.appspot.com/o/ Frame 88C7
574 B
884 B
XHR
General
Full URL
https://firebasestorage.googleapis.com/v0/b/tomis-bot.appspot.com/o/bot_icons%2Fwicked-wine-tours.jpeg
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e668ea1080a38ec360854b53dd3eb6ba80316502d900aa60cb27c4546a21b7ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tomis-bot.firebaseapp.com/
X-Firebase-Storage-Version
webjs/8.10.1
accept-language
de-DE,de;q=0.9
Authorization
Firebase eyJhbGciOiJSUzI1NiIsImtpZCI6IjYzODBlZjEyZjk1ZjkxNmNhZDdhNGNlMzg4ZDJjMmMzYzIzMDJmZGUiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vdG9taXMtYm90IiwiYXVkIjoidG9taXMtYm90IiwiYXV0aF90aW1lIjoxNjkyMTA5NTMyLCJ1c2VyX2lkIjoiNjFkOTcyMjctNDAzMC00NGNhLTkwMmItY2YxM2VlMzcyNzI0Iiwic3ViIjoiNjFkOTcyMjctNDAzMC00NGNhLTkwMmItY2YxM2VlMzcyNzI0IiwiaWF0IjoxNjkyMTA5NTMyLCJleHAiOjE2OTIxMTMxMzIsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnt9LCJzaWduX2luX3Byb3ZpZGVyIjoiY3VzdG9tIn19.dGnHVg67Ftl4eCAAwDxVYEO19hv7kt0IS_cFCWMcWlR4dMobuU2dKFRTw6XjK01j7sOI9nXrO4CtFVaxk3DjBNFKWnpPX32E_UpP4LV4bizdK_NJQcXV5rN2j4Xk1ETPQtW6ChaGorhaoJhoRATLFWS1pbImjS3i7hwwPqOHWNy1IkQplVl3mU21HYlmXCaoI7JX_sSP7-ykJuSWa2QitF_4By5sYB13jF-MMTdnGyzFZTPRNXgthUg6wlyEKNfvQLHUTjeNISA-OEjKbQserzqJyl1ze3OVqK5zxj2kF2akYoqs_RIMA5fJdgNibBjMobQT4lW9OUssXPxYIVvDPQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:34 GMT
x-content-type-options
nosniff
server
UploadServer
x-guploader-uploadid
ADPycds5DkipPhoPxj1_kWRgFtOu7xEqH1NGyQC4zLDXB1kSBrEyulkZ3634ztMOv_dXahwhxi4mkdPmorek0f1gr4Wc1iwyJL5v
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Range, Date, Expires, Server, Transfer-Encoding, X-Firebase-Storage-XSRF, X-GUploader-UploadID, X-Google-Trace
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
574
expires
Tue, 15 Aug 2023 14:25:34 GMT
bot_icons%2Fwicked-wine-tours.jpeg
firebasestorage.googleapis.com/v0/b/tomis-bot.appspot.com/o/ Frame
0
0
Preflight
General
Full URL
https://firebasestorage.googleapis.com/v0/b/tomis-bot.appspot.com/o/bot_icons%2Fwicked-wine-tours.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-firebase-storage-version
Access-Control-Request-Method
GET
Origin
https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type, Range, X-Firebase-Storage-Version, X-Firebase-Storage-XSRF, X-Firebase-AppCheck, X-Firebase-GMPID, X-Goog-AuthUser, X-Goog-Upload-Command, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Protocol
access-control-allow-methods
POST, GET, HEAD, DELETE, PATCH
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Firebase-Storage-XSRF
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 15 Aug 2023 14:25:34 GMT
expires
Tue, 15 Aug 2023 14:25:34 GMT
server
UploadServer
x-guploader-uploadid
ADPycdtEKn6NRJeQcTo5QDLZNFD1n2-pyS6NOd2ulsF68zs1hrV1OkLN261QHYpLWSs5hD_C7pHBZkOQmiM1YyiqIPvAkZ6cBcNh
/
us-central1-tomis-bot.cloudfunctions.net/initiateWebSession/ Frame 88C7
69 B
108 B
Fetch
General
Full URL
https://us-central1-tomis-bot.cloudfunctions.net/initiateWebSession/
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
45fb4bddfa93b5da92a0ed144302cd4d0d988864662a2ed62b36ecb37957aaaa

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Aug 2023 14:25:34 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"45-ikX5DBO5uYQ2wrfLTHIU5ftraxo"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
x-cloud-trace-context
45f52b2834ac27d344b52c9ecbbd6050
cache-control
private
access-control-allow-credentials
true
function-execution-id
55vd7vkk6n27
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88
/
us-central1-tomis-bot.cloudfunctions.net/initiateWebSession/ Frame
0
0
Preflight
General
Full URL
https://us-central1-tomis-bot.cloudfunctions.net/initiateWebSession/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-TWILIO-SIGNATURE, Content-Type, x-api-key
access-control-allow-methods
POST, OPTIONS, PUT, GET
access-control-allow-origin
https://tomis-bot.firebaseapp.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 15 Aug 2023 14:25:34 GMT
function-execution-id
gc6261y14w6s
server
Google Frontend
x-cloud-trace-context
a578bec759df768628a36c70b755261e
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
10 B
50 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&SID=IZx6Tj-6aAWafg93K0t1xA&RID=6309&AID=4&zx=qepj48wumer3&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06a403fa19b0e23e9e2ef3f493a6a55f68607c5566298f3e0ed7a08dbf11ad82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 14:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
121 B
139 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=6&TYPE=xmlhttp&zx=k6ymdri5eku5&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
209fefaa0a7441ef64b9ac5ad83f8878b4b8fcf3500ccea0457087c6db2f59e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
10 B
50 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&SID=IZx6Tj-6aAWafg93K0t1xA&RID=6310&AID=6&zx=d8zg2648om65&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e77a0ffcd5f5ba04a57df544d7d57728c3aa9f9d8da436e5d6c6794908491b6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 14:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 88C7
54 B
95 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&RID=80219&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F8.10.1%0D%0AContent-Type%3Atext%2Fplain%0D%0AX-Firebase-GMPID%3A1%3A620481618393%3Aweb%3Aa168024425db8ced0979c8%0D%0AAuthorization%3ABearer%20eyJhbGciOiJSUzI1NiIsImtpZCI6IjYzODBlZjEyZjk1ZjkxNmNhZDdhNGNlMzg4ZDJjMmMzYzIzMDJmZGUiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vdG9taXMtYm90IiwiYXVkIjoidG9taXMtYm90IiwiYXV0aF90aW1lIjoxNjkyMTA5NTMyLCJ1c2VyX2lkIjoiNjFkOTcyMjctNDAzMC00NGNhLTkwMmItY2YxM2VlMzcyNzI0Iiwic3ViIjoiNjFkOTcyMjctNDAzMC00NGNhLTkwMmItY2YxM2VlMzcyNzI0IiwiaWF0IjoxNjkyMTA5NTMyLCJleHAiOjE2OTIxMTMxMzIsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnt9LCJzaWduX2luX3Byb3ZpZGVyIjoiY3VzdG9tIn19.dGnHVg67Ftl4eCAAwDxVYEO19hv7kt0IS_cFCWMcWlR4dMobuU2dKFRTw6XjK01j7sOI9nXrO4CtFVaxk3DjBNFKWnpPX32E_UpP4LV4bizdK_NJQcXV5rN2j4Xk1ETPQtW6ChaGorhaoJhoRATLFWS1pbImjS3i7hwwPqOHWNy1IkQplVl3mU21HYlmXCaoI7JX_sSP7-ykJuSWa2QitF_4By5sYB13jF-MMTdnGyzFZTPRNXgthUg6wlyEKNfvQLHUTjeNISA-OEjKbQserzqJyl1ze3OVqK5zxj2kF2akYoqs_RIMA5fJdgNibBjMobQT4lW9OUssXPxYIVvDPQ%0D%0A&zx=3jqoquyzbd3i&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9d766aabf5672a704d32d32f3da22f77d4bd18cc00d96f9a133db9ae1b4cc98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 14:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
j9LSFKZze-2KZ158e8T98jqTgOTfEA4HimFcZdbYFgw
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
9 KB
2 KB
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=8&TYPE=xmlhttp&zx=sq65e8qiv8v0&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b95bb920b3771639d38b729167342fa961b85440a89572bc3e3cc31fe932c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 88C7
66 B
105 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=j9LSFKZze-2KZ158e8T98jqTgOTfEA4HimFcZdbYFgw&VER=8&RID=rpc&SID=LZ-Wp_w89nvozL9BhdVpRQ&CI=1&AID=0&TYPE=xmlhttp&zx=dulz4vf7tiza&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a96c079a315cfe48681799497cf50d7fd512b9b61886a65f54db3015869da1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
123 B
140 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=11&TYPE=xmlhttp&zx=nx3dtakolal3&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d84e1384228a69f23ee2d0a481d58b040dbdf9822ca49dd90e06b81f21a71300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
collect
region1.google-analytics.com/g/ Frame 88C7
0
78 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YT7KJT8ZQC&gtm=45je3890&_p=1874850242&cid=1110818737.1692109535&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692109535&sct=1&seg=0&dl=https%3A%2F%2Fwicked.tours%2F&dr=https%3A%2F%2Fwicked.tours%2F&dt=Award%20Winning%20Kelowna%20Wine%20Tours%20%7C%20Wicked%20Tours&uid=61d97227-4030-44ca-902b-cf13ee372724&en=loaded&_fv=1&_nsi=1&_ss=1&_ee=1&ep.site=wicked-wine-tours&ep.conversation_id=IAz1cOoCorFITue2SojU&ep.web_session_id=4ea7de71-4b3f-469e-896f-8298ab7f6022
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YT7KJT8ZQC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Aug 2023 14:25:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
us-central1-tomis-bot.cloudfunctions.net/initiateWelcome/ Frame 88C7
51 B
85 B
Fetch
General
Full URL
https://us-central1-tomis-bot.cloudfunctions.net/initiateWelcome/
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
1cab3f9c0f4f726b1824a47e8d5d08ac56992160954738ae3d1bdcd57059ceb6

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"33-KrP/3uIVf9l6gTNYRZVsUYQtPSQ"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
x-cloud-trace-context
f607e1179f70cf8e7b607564a92aabad
cache-control
private
access-control-allow-credentials
true
function-execution-id
u4qiqxabl89m
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
11 B
51 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&SID=IZx6Tj-6aAWafg93K0t1xA&RID=6311&AID=11&zx=hm3fqtbxiduz&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
394f4401490f1b28f8cb6b8b6ff796beb9fd5923ce65a2acdc633995bf8a37d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
/
us-central1-tomis-bot.cloudfunctions.net/initiateWelcome/ Frame
0
0
Preflight
General
Full URL
https://us-central1-tomis-bot.cloudfunctions.net/initiateWelcome/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://tomis-bot.firebaseapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-TWILIO-SIGNATURE, Content-Type, x-api-key
access-control-allow-methods
POST, OPTIONS, PUT, GET
access-control-allow-origin
https://tomis-bot.firebaseapp.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 15 Aug 2023 14:25:35 GMT
function-execution-id
u4qifzikq8fk
server
Google Frontend
x-cloud-trace-context
f5bfa0612db6da56b9dd861d6ca2b230
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
316 B
199 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=13&TYPE=xmlhttp&zx=k2z3qv7dxv04&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2eb98253353e5bfac63e381762bedda3d02d9af3b76a9af118d54b6f6a42d3cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
9 KB
2 KB
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=15&TYPE=xmlhttp&zx=5o6qo1opkqt3&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
297794485c7c7b3e74c00e505b832e88c947d79005b3ea1b5dd3f3d2d6ba0b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 88C7
10 B
50 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&gsessionid=j9LSFKZze-2KZ158e8T98jqTgOTfEA4HimFcZdbYFgw&SID=LZ-Wp_w89nvozL9BhdVpRQ&RID=80220&AID=1&zx=yuso0vi2q8e3&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31629b6e592c9a12b6cf7047fd64324ab717e6f41d93af4bcbac67ca724919d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 88C7
203 B
205 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=j9LSFKZze-2KZ158e8T98jqTgOTfEA4HimFcZdbYFgw&VER=8&RID=rpc&SID=LZ-Wp_w89nvozL9BhdVpRQ&CI=1&AID=1&TYPE=xmlhttp&zx=aq91yw7v58kk&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aae1b214deb4498d739f621efba9103bd45388aff110f27621fd4d7008cb0260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
15 KB
2 KB
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=17&TYPE=xmlhttp&zx=d3nnl35slvvs&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7c448debd6ea7ae6a07fd2d2698e6af2d5146e40f0b5fb1986f52549faa07bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 88C7
452 B
242 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=j9LSFKZze-2KZ158e8T98jqTgOTfEA4HimFcZdbYFgw&VER=8&RID=rpc&SID=LZ-Wp_w89nvozL9BhdVpRQ&CI=1&AID=3&TYPE=xmlhttp&zx=2jkhnt32qkjg&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10b812ca006b70a4e598db8729b5fc1bed7df5da4faf3c5ffc60c218bbdee016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
11 KB
981 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=21&TYPE=xmlhttp&zx=pmw78wmsfqe8&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c8d14a20b8a7a14dc4de8b25c21125ddf45060a6c7a5dbf2b542b3ffa16971df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
/
api.amplitude.com/
7 B
204 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: wicked.tours
URL: https://wicked.tours/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.38.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-38-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wicked.tours/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 15 Aug 2023 14:25:36 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-64db8ae0-03e1dc20585b888d2afc0622
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=754747545&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwicked.tours%2F&ul=en-us&de=UTF-8&dt=Award%20Winning%20Kelowna%20Wine%20Tours%20%7C%20Wicked%20Tours&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=TOMIS%20Chatbot&ea=Chatbot%20Message&el=Default%20Welcome%20Intent&_u=aDDAiEABBAAAAGAAIC~&jid=&gjid=&cid=1453574948.1692109531&tid=UA-11247999-2&_gid=1724714435.1692109531&gtm=45He3890n7154TM3L&z=1133839226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wicked.tours/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Aug 2023 19:33:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67955
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 88C7
10 B
50 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&VER=8&gsessionid=j9LSFKZze-2KZ158e8T98jqTgOTfEA4HimFcZdbYFgw&SID=LZ-Wp_w89nvozL9BhdVpRQ&RID=80221&AID=3&zx=hvzsc19xdrku&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55d70f8ae93d7fce86697dcb3a57592de4d972a50df34f34ef5f12bdc1c61b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tomis-bot.firebaseapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 14:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
15 KB
2 KB
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=25&TYPE=xmlhttp&zx=shgava98uq9j&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36fa5f464ea7b98168b16944a0024a6b137bd64f9fa6c6da7bf1f26de07e004c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 88C7
271 B
217 B
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=j9LSFKZze-2KZ158e8T98jqTgOTfEA4HimFcZdbYFgw&VER=8&RID=rpc&SID=LZ-Wp_w89nvozL9BhdVpRQ&CI=1&AID=5&TYPE=xmlhttp&zx=dl736qv5fvy7&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b78fabf929190dd97d8b4edda7e4c2ac87fad1dfcd03e03dd4ccaa2899c24e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ Frame 88C7
18 B
0
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=87dA1yghJv4_QLbjUScDJQnFyzUcDIquYRMRP-WTFYw&VER=8&RID=rpc&SID=IZx6Tj-6aAWafg93K0t1xA&CI=1&AID=27&TYPE=xmlhttp&zx=rq1t1m7atmbg&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ Frame 88C7
17 B
0
XHR
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?database=projects%2Ftomis-bot%2Fdatabases%2F(default)&gsessionid=j9LSFKZze-2KZ158e8T98jqTgOTfEA4HimFcZdbYFgw&VER=8&RID=rpc&SID=LZ-Wp_w89nvozL9BhdVpRQ&CI=1&AID=6&TYPE=xmlhttp&zx=vqdyxn6ck6or&t=1
Requested by
Host: tomis-bot.firebaseapp.com
URL: https://tomis-bot.firebaseapp.com/bot/index.8396c700.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tomis-bot.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 14:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tomis-bot.firebaseapp.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0


64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA object| dataLayer function| onSubmitNewsletter function| beforeCaptchaNewsletter function| onSubmitContact function| beforeCaptchaContact function| onSubmitInquiry function| beforeCaptchaInquiry function| onSubmitQuestion function| beforeCaptchaQuestion function| $ function| jQuery function| asp_SimpleBar object| ASL object| WPD function| _ASL_load object| _wpd_el function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om1132_27313 object| _omq function| omq function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| parcelRequire629d object| regeneratorRuntime object| amplitude function| TOMIS object| tomis function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| gtag function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

16 Cookies

Domain/Path Name / Value
wicked.tours/ Name: _omappvp
Value: kshgUVmF0DNyQYu4BCwe4NMgv0Gf3tb7SRAagFf20aavREYB61HCtN7M5qhoYNbdJjkIClmMjbMp6meFhQC2sVFQ0SctAft9
wicked.tours/ Name: _omappvs
Value: 1692109530642
.wicked.tours/ Name: _ga_G2TMJJ58WS
Value: GS1.2.1692109531.1.0.1692109531.60.0.0
.wicked.tours/ Name: _ga
Value: GA1.2.1453574948.1692109531
.wicked.tours/ Name: _gid
Value: GA1.2.1724714435.1692109531
.wicked.tours/ Name: _dc_gtm_UA-11247999-2
Value: 1
.wicked.tours/ Name: _fbp
Value: fb.1.1692109531157.1399722539
.wicked.tours/ Name: amplitude_id_86032f1ec343111e3a3634d7af85f343wicked.tours
Value: eyJkZXZpY2VJZCI6IjYxZDk3MjI3LTQwMzAtNDRjYS05MDJiLWNmMTNlZTM3MjcyNCIsInVzZXJJZCI6bnVsbCwib3B0T3V0IjpmYWxzZSwic2Vzc2lvbklkIjoxNjkyMTA5NTMxMjE1LCJsYXN0RXZlbnRUaW1lIjoxNjkyMTA5NTMxMjIzLCJldmVudElkIjoxLCJpZGVudGlmeUlkIjoxLCJzZXF1ZW5jZU51bWJlciI6Mn0=
.wicked.tours/ Name: _ga_QR38R8B9EV
Value: GS1.2.1692109531.1.0.1692109531.60.0.0
.wicked.tours/ Name: _hjSessionUser_3290986
Value: eyJpZCI6IjEzZjUxN2RhLWZiZjgtNTc1NS1iNjI1LThlNDM3M2Y0NTVjMSIsImNyZWF0ZWQiOjE2OTIxMDk1MzM5MjEsImV4aXN0aW5nIjpmYWxzZX0=
.wicked.tours/ Name: _hjFirstSeen
Value: 1
.wicked.tours/ Name: _hjIncludedInSessionSample_3290986
Value: 0
.wicked.tours/ Name: _hjSession_3290986
Value: eyJpZCI6IjRjYWJkZjFhLWZiN2MtNGQ4Ny05NTZhLWEwNmIwYWIxMzNlOSIsImNyZWF0ZWQiOjE2OTIxMDk1MzM5MzAsImluU2FtcGxlIjpmYWxzZX0=
.wicked.tours/ Name: _hjAbsoluteSessionInProgress
Value: 0
.tomis-bot.firebaseapp.com/ Name: _ga_YT7KJT8ZQC
Value: GS1.1.1692109535.1.0.1692109535.0.0.0
.tomis-bot.firebaseapp.com/ Name: _ga
Value: GA1.1.1110818737.1692109535

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
