urlscan.io logo urlscan.io
SecurityTrails logo

www.turismocity.com Open in urlscan Pro
2606:4700::6812:f410  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.turismocity.com/
Effective URL: https://www.turismocity.com/
Submission: On December 02 via manual from AR — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 16 domains to perform 40 HTTP transactions. The main IP is 2606:4700::6812:f410, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.turismocity.com.
TLS certificate: Issued by WE1 on October 5th 2024. Valid for: 3 months.
This is the only time www.turismocity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    2606:4700::6812:f410 (United States)

ASN13335 (CLOUDFLARENET, US)
www.turismocity.com
assets.turismocity.com
api.turismocity.com
1    2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c0b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:80b::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    2a03:2880:f35a:80:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2001:4998:1c:800::1001 (United States)

ASN14779 (YAHOO, US)
s.yimg.com
4    2607:f8b0:4004:c1f::8a (Washington, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c08::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
12 turismocity.com
www.turismocity.com
assets.turismocity.com — Cisco Umbrella Rank: 939671
api.turismocity.com
41 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
605 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
386 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
215 B
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 768
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1095
13 KB
1 gstatic.com
fonts.gstatic.com
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
0 yahoo.com Failed
sp.analytics.yahoo.com Failed
0 reddit.com Failed
pixel-config.reddit.com Failed
alb.reddit.com Failed
0 tiktok.com Failed
analytics.tiktok.com Failed
0 taboola.com Failed
cdn.taboola.com Failed
0 outbrain.com Failed
amplify.outbrain.com Failed
0 ads-twitter.com Failed
static.ads-twitter.com Failed
40 16
Domain Requested by
8 www.turismocity.com 2 redirects www.turismocity.com
4 analytics.google.com www.googletagmanager.com
4 www.googletagmanager.com www.turismocity.com
www.googletagmanager.com
3 assets.turismocity.com www.turismocity.com
2 www.facebook.com
2 td.doubleclick.net www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 s.yimg.com www.turismocity.com
s.yimg.com
2 connect.facebook.net www.turismocity.com
connect.facebook.net
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
1 www.google.com www.googletagmanager.com
1 api.turismocity.com www.turismocity.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.turismocity.com
0 sp.analytics.yahoo.com Failed
0 alb.reddit.com Failed
0 pixel-config.reddit.com Failed www.redditstatic.com
0 analytics.tiktok.com Failed www.turismocity.com
0 cdn.taboola.com Failed www.turismocity.com
0 amplify.outbrain.com Failed www.turismocity.com
0 static.ads-twitter.com Failed www.googletagmanager.com
40 21
Subject Issuer Validity Valid
turismocity.com
WE1		 2024-10-05 -
2025-01-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-06 -
2025-04-03		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-10 -
2024-12-09		 3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-10-31 -
2024-12-18		 2 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.turismocity.com/
Frame ID: 74042B90751A4A20473B7F5D26178800
Requests: 33 HTTP requests in this frame

Frame: https://www.turismocity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: E7F77ED1A7CC31E7CABF8708D57716C7
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.turismocity.com
Frame ID: DCAF9C616504B06AF4AE05DD0820D3DC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-VV7SM24D15&gacid=1030013907.1733164269&gtm=45je4bk0v894216626z877176766za200zb77176766&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1131011819
Frame ID: 264196884C65CDF6A224D5262D076B4B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-F87D4RR1LN&gacid=1030013907.1733164269&gtm=45je4bk0v9172189644z877176766za200zb77176766&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1704520373
Frame ID: 0B5ED2954476D17BFF1FE5E847826B2C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Turismocity

Page URL History Show full URLs

  1. http://www.turismocity.com/ HTTP 307
    https://www.turismocity.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

40
Requests

78 %
HTTPS

100 %
IPv6

16
Domains

21
Subdomains

13
IPs

1
Countries

543 kB
Transfer

2502 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.turismocity.com/ HTTP 307
    https://www.turismocity.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.turismocity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.turismocity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Request Chain 9
  • https://www.turismocity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.turismocity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.turismocity.com/
Redirect Chain
  • http://www.turismocity.com/
  • https://www.turismocity.com/
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.turismocity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb702798df6d713f84baebcb9cf5b3db5936f2160a4d9b1f818203412cd5039

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=30
cf-cache-status
DYNAMIC
cf-ray
8ebd64653b1a729b-EWR
content-encoding
br
content-type
text/html
date
Mon, 02 Dec 2024 18:31:08 GMT
expires
Mon, 02 Dec 2024 18:31:38 GMT
last-modified
Tue, 15 Oct 2024 13:19:45 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 de64f4ad73b175abdd31603ba9fb0aae.cloudfront.net (CloudFront)
x-amz-cf-id
zGcQDfZQnN0E4Rk5Kpvxam_t2kz9gxVgVbih6OeUwkgxfwh3LHH-jw==
x-amz-cf-pop
JFK52-P10
x-cache
RefreshHit from cloudfront

Redirect headers

Location
https://www.turismocity.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
adf768c23e06caa3676973294122e24048a1296ae400745ba47e08bd39276e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 18:31:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 02 Dec 2024 17:39:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
turismocity-logo-retina5.png
assets.turismocity.com/cdn-cgi/image/format=auto/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.turismocity.com/cdn-cgi/image/format=auto/img/turismocity-logo-retina5.png
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66198a081eba1f5e538a744fd511de568be49c7c621755399c906dc65dee46a5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cf-cache-status
HIT
etag
"cfPxqhM-U3p-fJ7HL7xVLROzdd1gWqs-rDoNB_ezzVDQ:3c112a8ab869d67eca15c6db05b2e972"
cf-bgj
imgq:0,h2pri
cf-resized
internal=ok/h q=0 n=41+60 c=0+60 v=2024.10.6 l=2248 f=false
warning
cf-images 299 "original is 2038B smaller"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
image/png
last-modified
Tue, 25 Jul 2023 20:33:09 GMT
vary
Accept, Accept-Encoding
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 164;u=5;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=2678400
via
1.1 3a689aadb5700d6900d339291d232698.cloudfront.net (CloudFront)
cf-ray
8ebd64663c72729b-EWR
accept-ranges
bytes
content-length
2248
server
cloudflare
rocket-loader.min.js
www.turismocity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turismocity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6740aa56-302c"
x-content-type-options
nosniff
cf-ray
8ebd64664b220f6d-EWR
expires
Wed, 04 Dec 2024 18:31:08 GMT
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 15:59:18 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
flags-bordered.png
assets.turismocity.com/cdn-cgi/image/format=auto/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.turismocity.com/cdn-cgi/image/format=auto/img/flags-bordered.png
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f1f8ab69bce08fba8019a3f932b8a223f4324b0cc46f674ef150a6b4e050cb2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cf-cache-status
HIT
etag
"cf52ffNojCy5361z8uqSbVZax91gWqs-rDoNB_ezzVDQ:f23f5cd217ff7f4cd76643b910cb1a4c"
cf-bgj
imgq:85,h2pri
cf-resized
internal=ok/h q=0 n=26+171 c=0+0 v=2024.10.6 l=22462 f=false
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
image/avif
last-modified
Wed, 28 Nov 2018 13:57:55 GMT
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=160541489
via
1.1 89a72235603a2d131db45f5445da128a.cloudfront.net (CloudFront)
cf-ray
8ebd64668cd2729b-EWR
accept-ranges
bytes
content-length
22462
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.turismocity.com
Referer
https://fonts.googleapis.com/

Response headers

age
191595
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 13:17:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 13:17:53 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
main.js
www.turismocity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame E7F7
Redirect Chain
  • https://www.turismocity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.turismocity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turismocity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/
Protocol
H3
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e388b707dd6c4c203c718e1bbe2af5fc6c02b62f440f04dbd882f0d69bfa38bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8ebd6466bbcd0f6d-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cf-ray
8ebd64669b9f0f6d-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Mon, 02 Dec 2024 18:31:08 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
8ebd64653b1a729b
www.turismocity.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E7F7 		0
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.turismocity.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ebd64653b1a729b
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8ebd6467cd470f6d-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
gtm.js
www.googletagmanager.com/ 		1 MB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-59FGSWZ
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
846d964deffc428d00dc44ccf2008c758b3c820f80540f8aea8dbe239e348109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 02 Dec 2024 18:31:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
153917
x-xss-protection
0
server
Google Tag Manager
ip2country
api.turismocity.com/ 		55 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.turismocity.com/ip2country
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4364cb170de0b5b8e27ca61bfce6f90af2da1f6e030e510a5eff64ad0ea3ecdf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"37-xngnKIPkjtkjj+eFt8xrcOB9PnM"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
referrer-policy
no-referrer
x-download-options
noopen
cf-ray
8ebd6467fd308c7b-EWR
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
server
cloudflare
main.js
www.turismocity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame E7F7
Redirect Chain
  • https://www.turismocity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.turismocity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.turismocity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
Protocol
H3
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e388b707dd6c4c203c718e1bbe2af5fc6c02b62f440f04dbd882f0d69bfa38bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8ebd6466bbcd0f6d-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cf-ray
8ebd64669b9f0f6d-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Mon, 02 Dec 2024 18:31:08 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
icon-48x48.png
assets.turismocity.com/cdn-cgi/image/format=auto/img/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.turismocity.com/cdn-cgi/image/format=auto/img/icon-48x48.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecdae0e5b6407f8f829b49b2fef8aa4b1017d052705393296232ae82a79bbb09
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cf-cache-status
HIT
etag
"cfFBIkWZPBLw1r7ERprnbrp-4e1gWqs-rDoNB_ezzVDQ:1272a7536af3e3ce85d89014bfbb3966"
cf-bgj
imgq:85,h2pri
cf-resized
internal=ok/h q=0 n=21+19 c=0+19 v=2024.10.6 l=1793 f=false
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
image/avif
last-modified
Thu, 22 Jun 2017 13:35:55 GMT
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=160543356
via
1.1 0268006546f3e358946387816c8adcfc.cloudfront.net (CloudFront)
cf-ray
8ebd6467decc729b-EWR
accept-ranges
bytes
content-length
1793
server
cloudflare
8ebd64653b1a729b
www.turismocity.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E7F7 		0
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.turismocity.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ebd64653b1a729b
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f410 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8ebd64686e030f6d-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.turismocity.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1241006641.1733164269&auid=1173020603.1733164269&npa=0&gtm=45He4bk0v77176766za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733164269245&tfd=933&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59FGSWZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers
js
www.googletagmanager.com/gtag/ 		394 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VV7SM24D15&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59FGSWZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d7916d333d1184a2144058a198e411dea15f3548d7610c8f9e2cdc87d08a1a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 18:31:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
130539
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		324 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F87D4RR1LN&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59FGSWZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9c90f3f00fba9ac6e37d7d8ab7d1126d82804984aad84742de8fef0400f84b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 18:31:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109890
x-xss-protection
0
server
Google Tag Manager
uwt.js
static.ads-twitter.com/ 		0
0
pixel.js
www.redditstatic.com/ads/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59FGSWZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"1a001f3a066bff47a766099b87253911"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12220
date
Mon, 02 Dec 2024 18:31:09 GMT
last-modified
Mon, 18 Nov 2024 21:16:35 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
obtp.js
amplify.outbrain.com/cp/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-IZ0Y76d3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-IZ0Y76d3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4493, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
A5LT39KqONmu20B3OvWEkh47EDiMsY5eVYC/XTLeM2u7aR8VZum1UoHXvNGqqO7cGu2iCR+t3I4waVrlSas4ew==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
tfa.js
cdn.taboola.com/libtrc/unip/1035260/ 		0
0
ytc.js
s.yimg.com/wi/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.turismocity.com
URL: https://www.turismocity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

content-encoding
gzip
etag
"bc033c3a83e1880e480086bf11ac0b0a-df"
x-amz-version-id
JRuD6BVFDpXh1T7iUrCVWNpcX_ACBwVG
age
758
date
Mon, 02 Dec 2024 18:18:32 GMT
last-modified
Wed, 28 Aug 2024 12:33:10 GMT
vary
Origin, Accept-Encoding
x-amz-expiration
expiry-date="Fri, 03 Oct 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type
application/javascript
x-amz-id-2
5eYOdS008XrJqQygkrOou5T2yhRvYixwIjQ2kv8CGE971JJ/JnVK3J7FvsOMlRYwqVvfGx5D83m+/GFEXPgR0fCwxpxw6IImflcXwf4Ck9E=
strict-transport-security
max-age=31536000
cache-control
public,max-age=3600
ats-carp-promotion
1, 1
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
W6Q5NTBCN6E4HPWR
accept-ranges
bytes
content-length
6826
server
ATS
x-amz-server-side-encryption
AES256
events.js
analytics.tiktok.com/i18n/pixel/ 		0
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame DCAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.turismocity.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59FGSWZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 18:31:09 GMT
expires
Tue, 02 Dec 2025 18:31:09 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
10093441.json
s.yimg.com/wi/config/ 		2 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10093441.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=3600
content-encoding
gzip
age
1
access-control-allow-methods
GET
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
VE4BB6ATJMQKPKDG
access-control-allow-origin
*
content-length
22
date
Mon, 02 Dec 2024 18:31:08 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
server
ATS
x-amz-id-2
w1sL70lENmHMP9O6lIYZQFiVFA839ruuS8D81wvAZhVXxl8HGWgJt4U1uVSGgHyvRE4lRetPv8k=
config
pixel-config.reddit.com/pixels/t2_5qh9xlhee/ 		0
0
t2_5qh9xlhee_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_5qh9xlhee_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/ 		0
0
303275336782413
connect.facebook.net/signals/config/ 		76 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/303275336782413?v=2.9.176&r=stable&domain=www.turismocity.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4df987f22fa4c3a382aa035f9854ce7a26ab9de9736a387737643780fd32cd85
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-emW7iRVB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-emW7iRVB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=71, mss=1232, tbw=70943, tp=69, tpl=0, uplat=157, ullat=0
pragma
public
x-fb-debug
OfI+kq6gRhUo2HRA2FNQvCWIOZsI25skIP4WNOXxdk+cNB5vPBykFMAGo4xo8iYEQJzLWRf8gC14G/gSB4Xayw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
sp.pl
sp.analytics.yahoo.com/ 		0
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VV7SM24D15&gtm=45je4bk0v894216626z877176766za200zb77176766&_p=1733164268770&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1030013907.1733164269&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=&sid=1733164269&sct=1&seg=0&dl=https%3A%2F%2Fwww.turismocity.com%2F&dt=Turismocity&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1106
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VV7SM24D15&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.turismocity.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VV7SM24D15&cid=1030013907.1733164269&gtm=45je4bk0v894216626z877176766za200zb77176766&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VV7SM24D15&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.turismocity.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 2641 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-VV7SM24D15&gacid=1030013907.1733164269&gtm=45je4bk0v894216626z877176766za200zb77176766&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1131011819
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VV7SM24D15&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turismocity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 18:31:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-F87D4RR1LN&gtm=45je4bk0v9172189644z877176766za200zb77176766&_p=1733164268770&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1030013907.1733164269&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=&sid=1733164269&sct=1&seg=0&dl=https%3A%2F%2Fwww.turismocity.com%2F&dt=Turismocity&en=page_view&_fv=1&_ss=1&tfd=1209
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F87D4RR1LN&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.turismocity.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F87D4RR1LN&cid=1030013907.1733164269&gtm=45je4bk0v9172189644z877176766za200zb77176766&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F87D4RR1LN&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.turismocity.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 0B5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-F87D4RR1LN&gacid=1030013907.1733164269&gtm=45je4bk0v9172189644z877176766za200zb77176766&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1704520373
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F87D4RR1LN&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.turismocity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 18:31:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=303275336782413&ev=PageView&dl=https%3A%2F%2Fwww.turismocity.com%2F&rl=&if=false&ts=1733164269592&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733164269590.791774717998521564&cs_est=true&ler=empty&cdl=API_unavailable&it=1733164269333&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4495, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=303275336782413&ev=PageView&dl=https%3A%2F%2Fwww.turismocity.com%2F&rl=&if=false&ts=1733164269592&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733164269590.791774717998521564&cs_est=true&ler=empty&cdl=API_unavailable&it=1733164269333&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443883854495885764"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x11b2add1416fbf18","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["1489353054488859"]},"debug_reporting":true,"debug_key":"1978937411448896201"}
date
Mon, 02 Dec 2024 18:31:09 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
20cI5Lk1HNRtXvkJSWiUOE2sUJ5Mj++Lki7JrzCR2aRvK0R5o1mkMyC3abcfkuxzUvqEzIfb1ipfNnw1Jg+knw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443883854495885764", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4863, tp=13, tpl=0, uplat=63, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VV7SM24D15&gtm=45je4bk0v894216626za200zb77176766&_p=1733164268770&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1030013907.1733164269&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&uid=&sid=1733164269&sct=1&seg=0&dl=https%3A%2F%2Fwww.turismocity.com%2F&dt=Turismocity&en=scroll&epn.percent_scrolled=90&_et=52&tfd=6161
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VV7SM24D15&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.turismocity.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:14 GMT
content-type
text/plain
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-F87D4RR1LN&gtm=45je4bk0v9172189644za200zb77176766&_p=1733164268770&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1030013907.1733164269&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&uid=&sid=1733164269&sct=1&seg=0&dl=https%3A%2F%2Fwww.turismocity.com%2F&dt=Turismocity&en=scroll&epn.percent_scrolled=90&_et=39&tfd=6253
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F87D4RR1LN&l=dataLayer&cx=c&gtm=45He4bk0v77176766za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.turismocity.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.turismocity.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 18:31:14 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.ads-twitter.com
URL
https://static.ads-twitter.com/uwt.js
Domain
amplify.outbrain.com
URL
https://amplify.outbrain.com/cp/obtp.js
Domain
cdn.taboola.com
URL
https://cdn.taboola.com/libtrc/unip/1035260/tfa.js
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHDAD3BC77UATU7MF7MG&lib=ttq
Domain
pixel-config.reddit.com
URL
https://pixel-config.reddit.com/pixels/t2_5qh9xlhee/config
Domain
alb.reddit.com
URL
https://alb.reddit.com/rp.gif?ts=1733164269312&id=t2_5qh9xlhee&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=963069f8-6924-4d57-8252-6ac7c96f7643&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc=
Domain
sp.analytics.yahoo.com
URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2002%20Dec%202024%2018%3A31%3A09%20GMT&n=10&b=Turismocity&.yp=10093441&f=https%3A%2F%2Fwww.turismocity.com%2F&enc=UTF-8&yv=1.16.5&tagmgr=gtm

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| __cfQR object| dataLayer object| ajax function| redir boolean| __cfRLUnblockHandlers object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| twq function| rdt function| obApi function| fbq function| _fbq object| _tfa object| dotq string| TiktokAnalyticsObject object| ttq object| YAHOO function| redditNormalizeEmail function| onYouTubeIframeAPIReady object| gaGlobal

9 Cookies

Domain/Path Name / Value
.turismocity.com/ Name: __cf_bm
Value: Q_t2d0mgGSj_mf2JjeIrVD.53PtuNDSnKdHAJv_T21I-1733164268-1.0.1.1-7SwHaRnGyo30r2Eo3e7NJQYs1LbVbCm2LcTi2wlPAcanT0xIRsW7T5oPj2gr.ioihzzVOds6iWLNRQ0k2BWAtw
.turismocity.com/ Name: cf_clearance
Value: fIovlWjbQ5cAiQuI03oNsJuYz4yuYifQCT2T7FVDvro-1733164268-1.2.1.1-aw5Sq0G7tn7QdMIHTeX2OvtUEOqYPc9dnJIMdpImT6yHL2i.tH0Dq7g.vax3VoUwoltGS54y9xmd0Ei_rGw3FbeXkciKhmTAyYt0luFUwJmPs2jz4jJUbY6RD4_vdMmBt37bJiMovQXQEzVtB2zTHK3_5nYZW4dthIGf2biWoZ4YegHgfzrX8tBKrlfSzgRUUYSSKrhm89RhEDD6OYLMdccndlNc8.c9DUujpOXDxIzMeekmjn3j8nGmSB.FUKfwZHo_UGGc8frnSCrwDW3KMiyf8ni9kl0dWRsBtVYTKNGHLPborfaKp5FigZdO8k37DCcE6WY9gkE0iDGa_M.muPOrC7CoRlfUvP3GVLQY1RknkJTPB3G9K5SGXhKkICw4
.turismocity.com/ Name: _gcl_au
Value: 1.1.1173020603.1733164269
.turismocity.com/ Name: _rdt_uuid
Value: 1733164269310.963069f8-6924-4d57-8252-6ac7c96f7643
.turismocity.com/ Name: _ga
Value: GA1.1.1030013907.1733164269
.turismocity.com/ Name: _ga_VV7SM24D15
Value: GS1.1.1733164269.1.0.1733164269.60.0.0
.turismocity.com/ Name: _ga_F87D4RR1LN
Value: GS1.1.1733164269.1.0.1733164269.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlMJjYQRp5PqXt9uWGcUwVvHNVouE2iNy89-ws53vLrALC0hJK_aB0-4m7H
.turismocity.com/ Name: _fbp
Value: fb.1.1733164269590.791774717998521564

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
amplify.outbrain.com
analytics.google.com
analytics.tiktok.com
api.turismocity.com
assets.turismocity.com
cdn.taboola.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
pixel-config.reddit.com
s.yimg.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google.com
www.googletagmanager.com
www.redditstatic.com
www.turismocity.com
alb.reddit.com
amplify.outbrain.com
analytics.tiktok.com
cdn.taboola.com
pixel-config.reddit.com
sp.analytics.yahoo.com
static.ads-twitter.com
2001:4998:1c:800::1001
2606:4700::6812:f410
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::9b
2607:f8b0:4004:c1f::8a
2607:f8b0:4006:80b::2004
2607:f8b0:4006:822::2008
2a03:2880:f112:182:face:b00c:0:25de
2a03:2880:f35a:80:face:b00c:0:3
2a04:4e42::396
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35
4364cb170de0b5b8e27ca61bfce6f90af2da1f6e030e510a5eff64ad0ea3ecdf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4df987f22fa4c3a382aa035f9854ce7a26ab9de9736a387737643780fd32cd85
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
66198a081eba1f5e538a744fd511de568be49c7c621755399c906dc65dee46a5
6f1f8ab69bce08fba8019a3f932b8a223f4324b0cc46f674ef150a6b4e050cb2
846d964deffc428d00dc44ccf2008c758b3c820f80540f8aea8dbe239e348109
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8d7916d333d1184a2144058a198e411dea15f3548d7610c8f9e2cdc87d08a1a9
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adf768c23e06caa3676973294122e24048a1296ae400745ba47e08bd39276e06
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e388b707dd6c4c203c718e1bbe2af5fc6c02b62f440f04dbd882f0d69bfa38bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c90f3f00fba9ac6e37d7d8ab7d1126d82804984aad84742de8fef0400f84b4
ecdae0e5b6407f8f829b49b2fef8aa4b1017d052705393296232ae82a79bbb09
eeb702798df6d713f84baebcb9cf5b3db5936f2160a4d9b1f818203412cd5039