www.lascatalinascr.com Open in urlscan Pro
13.68.180.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.lascatalinascr.com/e3t/Ctc/W0+113/cBdww04/VWmSs-7VQDHWW60L6p52sVSGkW3rtmkr4X0J8-N1KM5t33q3npV1-WJV7Cg-PmN2qkvvLwh1P...
Effective URL:
https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5J...
Submission: On February 14 via api (February 14th 2023, 3:13:05 pm UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 23 domains to perform 72 HTTP transactions. The main IP is 13.68.180.169, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.lascatalinascr.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on November 5th 2022. Valid for: a year.

This is the only time www.lascatalinascr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 12	13.68.180.169 13.68.180.169	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:b849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:8d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	82.196.7.246 82.196.7.246	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	54.231.225.232 54.231.225.232	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:d7ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
72	26

2 2606:2c40::c73c:67e1 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

news.lascatalinascr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.68.180.169 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: iws-04.ideawork.com

www.lascatalinascr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:8d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.196.7.246 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.openweathermap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.231.225.232 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:d7ed (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent10.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	lascatalinascr.com 2 redirects news.lascatalinascr.com www.lascatalinascr.com	1 MB
10	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 7722 forms.hubspot.com — Cisco Umbrella Rank: 5161 app.hubspot.com — Cisco Umbrella Rank: 8441 track.hubspot.com — Cisco Umbrella Rank: 4147	27 KB
7	amazonaws.com s3.amazonaws.com	2 MB
6	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 6614 forms-na1.hsforms.com — Cisco Umbrella Rank: 11976	3 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 11441	294 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 93 region1.google-analytics.com — Cisco Umbrella Rank: 1904	20 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	295 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	244 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 109	217 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3701	562 B
2	google.com www.google.com — Cisco Umbrella Rank: 18	562 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 160	2 KB
1	hubspotusercontent10.net f.hubspotusercontent10.net — Cisco Umbrella Rank: 91980	12 KB
1	openweathermap.org api.openweathermap.org — Cisco Umbrella Rank: 9921	875 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 5663	879 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 3854	20 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 6756	87 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 7222	25 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 7763	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 3799	63 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 5280	3 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4081	1004 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 10891	159 KB
72	23

	Domain	Requested by
12	www.lascatalinascr.com	1 redirects news.lascatalinascr.com www.lascatalinascr.com
7	s3.amazonaws.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	forms.hsforms.com	www.lascatalinascr.com js.hsforms.net js.hscollectedforms.net
4	www.facebook.com	www.lascatalinascr.com
3	track.hubspot.com
3	app.hubspot.com	js.usemessages.com static.hsappstatic.net
3	connect.facebook.net	www.lascatalinascr.com connect.facebook.net
3	www.google-analytics.com	www.lascatalinascr.com www.google-analytics.com
3	www.googletagmanager.com	www.lascatalinascr.com www.googletagmanager.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	api.hubspot.com	js.usemessages.com
2	www.google.de	www.lascatalinascr.com
2	www.google.com	www.lascatalinascr.com
2	region1.google-analytics.com	www.googletagmanager.com
2	news.lascatalinascr.com	1 redirects
1	f.hubspotusercontent10.net
1	forms-na1.hsforms.com
1	api.openweathermap.org	www.lascatalinascr.com
1	api.hubapi.com	js.hsadspixel.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.hs-scripts.com	www.lascatalinascr.com
1	js.hsforms.net	www.lascatalinascr.com
72	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
beachtowntravel.com
theblog.lascatalinascr.com
www.beachtowntravel.com
apps.apple.com
play.google.com
www.google.com
www.onceuponatime.agency

Subject Issuer	Validity	Valid
news.lascatalinascr.com Cloudflare Inc ECC CA-3	`2022-06-28` - `2023-06-28`	a year	crt.sh
www.lascatalinascr.com RapidSSL TLS RSA CA G1	`2022-11-05` - `2023-11-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-23` - `2023-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
*.openweathermap.org Sectigo RSA Domain Validation Secure Server CA	`2022-06-06` - `2023-07-07`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
Frame ID: 5F81F0C7F7AC7135F5EC0A33BDE50258
Requests: 60 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/4917861/threads/utk/b1671511e9c44bb490fb259f82cb2849?uuid=06152a81c2cf4e59ac62a23766e062cc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=lascatalinascr.com&inApp53=false&messagesUtk=b1671511e9c44bb490fb259f82cb2849&url=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 2A3932482E78D5D2CD26071FF38DE631
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2C3A0A2FCE7840C0C3627B8848EA8856
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E5F6CA2652A9E35C894CB6FD333D63E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beach Town in Guanacaste, Costa Rica | Las Catalinas

Page URL History Show full URLs

https://news.lascatalinascr.com/e3t/Ctc/W0+113/cBdww04/VWmSs-7VQDHWW60L6p52sVSGkW3rtmkr4X0J8-N1KM5t33q3npV1-... Page URL
https://news.lascatalinascr.com/events/public/v1/encoded/track/tc/W0+113/cBdww04/VWmSs-7VQDHWW60L6p52sVSGkW3... HTTP 307
http://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hse... HTTP 301
https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hse... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

72
Requests

100 %
HTTPS

88 %
IPv6

23
Domains

30
Subdomains

26
IPs

4
Countries

4281 kB
Transfer

21145 kB
Size

15
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/LasCatalinasCR/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/las_catalinas_

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCfOCnZQ7JEgqO9UUmVa0ngA

Search URL Search Domain Scan URL

URL: http://beachtowntravel.com/
Title: Visit

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/drawing-a-street-in-a-walkable-town
Title: Explore

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/cars-kids-and-quality-of-life
Title: Explore

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/las-catalinas-tile
Title: Explore

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/made-in-las-catalinas-the-woodshop
Title: Explore

Search URL Search Domain Scan URL

URL: https://theblog.lascatalinascr.com/desayuno-t%C3%ADpico-the-costa-rican-breakfast
Title: Explore

Search URL Search Domain Scan URL

URL: https://www.instagram.com/las_catalinas_/
Title: Las Catalinas

Search URL Search Domain Scan URL

URL: https://www.beachtowntravel.com/
Title: Beach Town Travel

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/las-catalinas/id1374972195

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.aliceapp.android.whitelabel.lascatalinas.production

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Guanacaste+Province,+Las+Catalinas,+Costa+Rica/data=!4m2!3m1!1s0x8f9e25ee7d7275cb:0x66fef976ab80fbe9?sa=X&ved=2ahUKEwjK1KHgrrfsAhV9knIEHQhYDQ8Q8gEwGXoECA8QAQ
Title: Las Catalinas, Guanacaste, Costa Rica

Search URL Search Domain Scan URL

URL: https://www.onceuponatime.agency/hospitality
Title: Once Upon a Time

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.lascatalinascr.com/e3t/Ctc/W0+113/cBdww04/VWmSs-7VQDHWW60L6p52sVSGkW3rtmkr4X0J8-N1KM5t33q3npV1-WJV7Cg-PmN2qkvvLwh1PcW6KBLnp6LPnCkN6crQyk_pcKQW62mxYC3ZrxPkDt95qllQyGW2VdpwH3HGPSnW6j4WRl1DhLvKN4wg8s8KHDbzV2NrCQ3qbzcpW6f0Ffp70_VhfW1DPJVy1v-mCjW2kYd606v7zF6W7Knc0C2f_RHbN2c0VZ3p506SN6GV4nVYpjD8W1BZ3Rt3H3J7cW4FRcSL4mFZhsTJDCk7-y7ZzW3mm8Yb7_sXQTVn5mL47RGgwzW1nJN3X4P0WThW98RjFn4yGR2k3g8f1 Page URL
https://news.lascatalinascr.com/events/public/v1/encoded/track/tc/W0+113/cBdww04/VWmSs-7VQDHWW60L6p52sVSGkW3rtmkr4X0J8-N1KM5t33q3npV1-WJV7Cg-PmN2qkvvLwh1PcW6KBLnp6LPnCkN6crQyk_pcKQW62mxYC3ZrxPkDt95qllQyGW2VdpwH3HGPSnW6j4WRl1DhLvKN4wg8s8KHDbzV2NrCQ3qbzcpW6f0Ffp70_VhfW1DPJVy1v-mCjW2kYd606v7zF6W7Knc0C2f_RHbN2c0VZ3p506SN6GV4nVYpjD8W1BZ3Rt3H3J7cW4FRcSL4mFZhsTJDCk7-y7ZzW3mm8Yb7_sXQTVn5mL47RGgwzW1nJN3X4P0WThW98RjFn4yGR2k3g8f1?_ud=b8e4e054-9d85-47ea-ac86-568b583cacb6&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
http://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email HTTP 301
https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWmSs-7VQDHWW60L6p52sVSGkW3rtmkr4X0J8-N1KM5t33q3npV1-WJV7Cg-PmN2qkvvLwh1PcW6KBLnp6LPnCkN6crQyk_pcKQW62mxYC3ZrxPkDt95qllQyGW2VdpwH3HGPSnW6j4WRl1DhLvKN4wg8s8KHDbzV2NrCQ3qbzcpW6f0Ffp70_VhfW1DPJVy1v-mC...
news.lascatalinascr.com/e3t/Ctc/W0+113/cBdww04/ 7 KB
3 KB 224ms
162ms Document
text/html 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://news.lascatalinascr.com/e3t/Ctc/W0+113/cBdww04/VWmSs-7VQDHWW60L6p52sVSGkW3rtmkr4X0J8-N1KM5t33q3npV1-WJV7Cg-PmN2qkvvLwh1PcW6KBLnp6LPnCkN6crQyk_pcKQW62mxYC3ZrxPkDt95qllQyGW2VdpwH3HGPSnW6j4WRl1DhLvKN4wg8s8KHDbzV2NrCQ3qbzcpW6f0Ffp70_VhfW1DPJVy1v-mCjW2kYd606v7zF6W7Knc0C2f_RHbN2c0VZ3p506SN6GV4nVYpjD8W1BZ3Rt3H3J7cW4FRcSL4mFZhsTJDCk7-y7ZzW3mm8Yb7_sXQTVn5mL47RGgwzW1nJN3X4P0WThW98RjFn4yGR2k3g8f1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 7996bea32da03620-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Tue, 14 Feb 2023 15:12:54 GMT
last-modified: Tue, 14 Feb 2023 15:12:54 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbuw4l2EbE7mDfRKcWwIqPBVd7M1A7WA458uP%2BOehAXca5PIvSVT61xiGaAddwZFshw0zuFr6y8HPhgtOQH1NL7TFgI3QzdexT92BxoPcw8fXxZA2nCFZN1MaJ7kiy6FPkkB10JhVCp1pJfyh8bHRl8RvdzU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-hs-https-only: worker
x-hubspot-correlation-id: 3727c31a-6bb0-487a-99f9-bbac10f5e921
x-robots-tag: none

GET
H2

200

Primary Request / Show response
www.lascatalinascr.com/
Redirect Chain

https://news.lascatalinascr.com/events/public/v1/encoded/track/tc/W0+113/cBdww04/VWmSs-7VQDHWW60L6p52sVSGkW3rtmkr4X0J8-N1KM5t33q3npV1-WJV7Cg-PmN2qkvvLwh1PcW6KBLnp6LPnCkN6crQyk_pcKQW62mxYC3ZrxPkDt95...
http://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5p...
https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5...

17 KB
6 KB

305ms
101ms

Document
text/html

13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email

Requested by

Host: news.lascatalinascr.com
URL: https://news.lascatalinascr.com/e3t/Ctc/W0+113/cBdww04/VWmSs-7VQDHWW60L6p52sVSGkW3rtmkr4X0J8-N1KM5t33q3npV1-WJV7Cg-PmN2qkvvLwh1PcW6KBLnp6LPnCkN6crQyk_pcKQW62mxYC3ZrxPkDt95qllQyGW2VdpwH3HGPSnW6j4WRl1DhLvKN4wg8s8KHDbzV2NrCQ3qbzcpW6f0Ffp70_VhfW1DPJVy1v-mCjW2kYd606v7zF6W7Knc0C2f_RHbN2c0VZ3p506SN6GV4nVYpjD8W1BZ3Rt3H3J7cW4FRcSL4mFZhsTJDCk7-y7ZzW3mm8Yb7_sXQTVn5mL47RGgwzW1nJN3X4P0WThW98RjFn4yGR2k3g8f1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

iws-04.ideawork.com

Software

Resource Hash

3592a7b8e62c5e78bc6568cf5d84a690f7f1a755cad843bf171ce2bfb4947fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.lascatalinascr.com/e3t/Ctc/W0+113/cBdww04/VWmSs-7VQDHWW60L6p52sVSGkW3rtmkr4X0J8-N1KM5t33q3npV1-WJV7Cg-PmN2qkvvLwh1PcW6KBLnp6LPnCkN6crQyk_pcKQW62mxYC3ZrxPkDt95qllQyGW2VdpwH3HGPSnW6j4WRl1DhLvKN4wg8s8KHDbzV2NrCQ3qbzcpW6f0Ffp70_VhfW1DPJVy1v-mCjW2kYd606v7zF6W7Knc0C2f_RHbN2c0VZ3p506SN6GV4nVYpjD8W1BZ3Rt3H3J7cW4FRcSL4mFZhsTJDCk7-y7ZzW3mm8Yb7_sXQTVn5mL47RGgwzW1nJN3X4P0WThW98RjFn4yGR2k3g8f1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: W/"42dd-LtPj/w/19WLpLqEhK4OYXg"
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 600
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Feb 2023 15:12:54 GMT
Location: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
Vary: Accept
X-Powered-By: Express

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 505 KB
159 KB 81ms
43ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736f20e2a413433b3af338e6cccd1318197981ce66e68ac810e723ccbf9c10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
x-amz-version-id: JAvvLYrbAadG1K4h0HWbN.C2V4PipDw0
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 128
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2642/bundles/project-v2.js&cfRay=7996bb86ea2dbba3-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Feb 2023 10:10:35 UTC
server: cloudflare
etag: W/"bc37deecb11dd26ba785db0381926c28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfmWZZV7WFlkMxZ0qMqaFCQvfrursn65X7EHVmqjsRZEMSqcfSbc5%2BrA2csg88z2uIze7pAS13hPSUmruvtPpF1eHTp2zZ1dc0wUEadTDD0JYBbCkyYSr1OKZ1xsY%2BY7CpTTt5ZJYAWFNL7n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7996bea9ddb19012-FRA
x-amz-cf-id: 3n_9B-z-SA27DyrsF8PLwFUOJBXlWLHol6zEe8Se63IgdWNB4J0vOg==
x-hs-target-asset: forms-embed/static-1.2642/bundles/project-v2.js

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 67ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-817146118

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d3e647b71b49d8251adf19a54728827cc5c65aa142b51c69148f86195c5e3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 15:12:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SBPR8STE70

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecf76a9e9566a3194808006e05e59675f5a25b2d5b470bc746a535df75a2949a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77932
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 15:12:55 GMT

GET
H2 200 4917861.js Show response
js.hs-scripts.com/ 3 KB
1004 B 160ms
122ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4917861.js
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8ee3eea0ced23e01f78a8f59b9e37433f9e1e1746d136f492e579986cef113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 15:12:55 GMT
server: cloudflare
x-hubspot-correlation-id: fd9dd651-eb5e-4478-8bc7-ce9391b6ecca
x-trace: 2B26024DA82E4A58C7EA6F41C5637CA062DC43A620000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7996beaa989a2bc5-FRA
expires: Tue, 14 Feb 2023 15:13:55 GMT

GET
H2 200 main.e508a75c03c66f61e771.css
www.lascatalinascr.com/dist/ 312 KB
47 KB 98ms
97ms Stylesheet
text/css 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 339d18a42a9fd3f1f9355c4e1d583c16f43dde0455c93bfd2f2263870af6b1ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 20 Dec 2022 21:12:22 GMT
x-powered-by: Express
etag: W/"4e08e-18531615cf6"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 main.e508a75c03c66f61e771.js Show response
www.lascatalinascr.com/dist/ 2 MB
492 KB 98ms
97ms Script
application/javascript 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.js
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: ad538d09c3dd60bd38ebcba24d1578627e4ebab065d7f42e5e27c159227cb991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 20 Dec 2022 21:12:22 GMT
x-powered-by: Express
etag: W/"1bb540-18531615d83"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 112ms
30ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 15:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 49
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 14 Feb 2023 17:12:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 58ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 15:12:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: euB1bm7oMy47nfV0oFON4H933YSoU26/16D+v1qgL1DXubDlDkFPyb+GPrLz4BXWf31D81LrlxZoD1/lxZpKXQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/817146118/ 2 KB
2 KB 103ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/817146118/?random=1676387575438&cv=11&fst=1676387575438&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&tiba=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&auid=1228321470.1676387575&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-817146118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e4471a3538181c897921505a44274573fc86eb84f184c7178c6c330ea64f94d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 15:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1091
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SBPR8STE70&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-817146118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eecc3057a235d1258ef85bef11a966ddc348be91cbde8db67ee183b08ce42d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 15:12:55 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 57ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SBPR8STE70&gtm=45je32d0&_p=184452950&cid=61684362.1676387575&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676387575&sct=1&seg=0&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&dt=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SBPR8STE70
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 15:12:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 650358602149787 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/650358602149787?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebce00d412b85b1747df202c3057bdc39aa5422769373f373c04186d05d11427

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 15:12:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0Znx8deykLvl8WNoWiREHqK/oKQaI+9/ir/ibi/adybB2xryvdunETnFhyK/fBy/Jac4fYA5NqcmQ8r0zfOgLg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 59ms
58ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=184452950&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1641621373&gjid=1924297159&cid=61684362.1676387575&tid=UA-39165542-1&_gid=2132595567.1676387576&_r=1&_slc=1&z=1008491606

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lascatalinascr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 15:12:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/817146118/ 42 B
455 B 82ms
24ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/817146118/?random=1676387575438&cv=11&fst=1676386800000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&tiba=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=898668258&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 15:12:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/817146118/ 42 B
455 B 89ms
30ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/817146118/?random=1676387575438&cv=11&fst=1676386800000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&tiba=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=898668258&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 15:12:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 74ms
21ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
x-amz-version-id: voeLZ8jD1qAOp4h9t0pVQ2YHSdN3ebgQ
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 399
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.317/bundles/pixels-release.js&cfRay=7996b4eb1c3f91e3-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 31 Jan 2023 04:09:31 UTC
server: cloudflare
etag: W/"bde7af4ffd2c05ea8423271f767ebc69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7996beabb84c9249-FRA
x-amz-cf-id: 8-yctfomm2eaXGLej93waZUF3ei1z40yWQifwRVU7g5yu-P-17pEaA==
x-hs-target-asset: adsscriptloaderstatic/static-1.317/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/4917861/ 202 KB
63 KB 680ms
660ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/4917861/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c445ea50253a58dd6cd7467b003e5a895b9f43b53315f093dce4de7efb29726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
x-amz-version-id: S7M4Ya0tvLbaDVdpRTAb4oUGtAGLhpZw
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 899140RPB4RAYXRW
x-amz-server-side-encryption: AES256
x-amz-id-2: 9LE/mDbEscbKzar2k5jaQl88D6QBFQVJLZ6K1RSbkPP/v200WzQuKDRgb4BT7gozmkaXEK58a08=
last-modified: Fri, 03 Feb 2023 20:07:13 GMT
server: cloudflare
etag: W/"a6e9b7fd2949d8201b8dba3078de6fbe"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.lascatalinascr.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7996beab8de9bb5b-FRA
expires: Tue, 14 Feb 2023 15:17:56 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 61ms
21ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a235e45d3103d01cd8b448608b02a41fa735bc723c1f223d07e5aa5bd7ab9462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
x-amz-version-id: xgT3dHIPMgBcDdmsxrDotaPBTMdMkHmd
via: 1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 536
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.12179/bundles/project.js&cfRay=7996b192ed6d2c04-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Feb 2023 11:01:19 UTC
server: cloudflare
etag: W/"d78f792958c9a1a9c8497b5ecc301a65"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7996beab9f0d2bde-FRA
x-amz-cf-id: ux6AlJRuQLO4JON8zSKg1zoJ-foO0XhXObWyOSmXVuRXDEl9HbH3XA==
x-hs-target-asset: conversations-embed/static-1.12179/bundles/project.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 68 KB
25 KB 162ms
143ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b42aceb12f34135ce39544c6b143dbdd5690ee9a8809c49a3a37ba014bd200

Request headers

Referer: https://www.lascatalinascr.com/
Origin: https://www.lascatalinascr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
x-amz-version-id: SRrb.93sqm.lmAPDUKFHizePSATAJlo.
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.315/bundles/project.js&cfRay=7996beab8e679113-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 07 Feb 2023 01:17:58 UTC
server: cloudflare
etag: W/"257b82c9f242c143eb09b6862e336a56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7996beab8e679113-FRA
x-amz-cf-id: SFkXkEMKAaJv_8sHdSUiCyiOPamOnPQx7mQv6jBFQBAsnQ7fRGS8JQ==
x-hs-target-asset: collected-forms-embed-js/static-1.315/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 544 KB
87 KB 68ms
29ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062

Request headers

Referer: https://www.lascatalinascr.com/
Origin: https://www.lascatalinascr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
x-amz-version-id: 9g41IgVIr3w9wyiFOHn4rgapkQc72OJD
via: 1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P1
age: 11882
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js&cfRay=79959c957bbd2c25-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Feb 2023 01:26:06 UTC
server: cloudflare
etag: W/"998dfd36d3c4078a3a05a1a77e61963c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: MISS
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: s-maxage=86400, max-age=0
cf-ray: 7996beab9c6b2c52-FRA
x-amz-cf-id: fSfAyX3cFpxAAns8bdxSZQ6SQUOYgEpgRD6ehkIdz0TIKBLTiqaV4w==
x-hs-target-asset: lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js

GET
H2 200 4917861.js Show response
js.hs-analytics.net/analytics/1676387400000/ 65 KB
20 KB 484ms
445ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1676387400000/4917861.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4917861.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f0d5af5dac529d8df55989af9a32b66c164461b2db5754592e3790e0f7a04be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 899ATA7HB0XXW4Q0
x-amz-server-side-encryption: AES256
x-amz-id-2: Hedke8QQwKel/OAZjFb2D90obzPOXFDz7Zgduwihr7gdwc8SUpTV4TFxbSLJj5Go+SIgHxJCI4g=
last-modified: Fri, 10 Feb 2023 19:17:23 GMT
server: cloudflare
etag: W/"81c4aa4bdf79901230f79a177f0aa6c7"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7996beab98fd927d-FRA
expires: Tue, 14 Feb 2023 15:17:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
354 B 57ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39165542-1&cid=61684362.1676387575&jid=1641621373&gjid=1924297159&_gid=2132595567.1676387576&_u=IADAAEAAAAAAACAAI~&z=1851287802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lascatalinascr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Feb 2023 15:12:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
16ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=650358602149787&ev=PageView&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&rl=&if=false&ts=1676387575643&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676387575642.186696008&it=1676387575502&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 15:12:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 205ms
204ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4917861&conversations-embed=static-1.12179&mobile=false&messagesUtk=b1671511e9c44bb490fb259f82cb2849&traceId=b1671511e9c44bb490fb259f82cb2849

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

767600ccf234dd4605ee64737f012fe17a458f1e250d5c2fa61575a8fc6ceed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.lascatalinascr.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f70a8fa9-352d-46da-89e7-08086ab58b53
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1558
server: cloudflare
x-trace: 2BFDE71BC5370934DD28689AE373D658E00FC66C96000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BRsGsCIX5f9MMn0RsUVAa9ulcy7Zev5Veup1Ex4jFIdEhXVBGjHrFGiZmxVzaamMXgvBWvmkCT9bY%2FdgXmI3pFNAaPEOpQLMuyL3fZE58bRDG6vvaKzFbcBtgsYi3eUfdt%2FsalzYrQrOxmgBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 7996beaceffa39e2-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 158ms
131ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.lascatalinascr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.lascatalinascr.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7996beac0edb39e2-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Tue, 14 Feb 2023 15:12:55 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0e55hRLCUwCYVQUrA%2BiAZ9ngLzjxT%2F3H12auvVryc1V%2BhTNyoUJxoDM7kFhKhMzC0UPEK3VBkcIcY%2FMa8x6VYxGoKQ4%2BUTozwbH2qQdMLr9yiNejHg0SwC6VSCMuHYE28lKITLHcRxchONE0dg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: f3c65091-5023-45c5-a7b8-1f9161f9ea5f
x-trace: 2BFBC36B45957835B02FD665A909C3F15396601E3F000000000000000000

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 38ms
37ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-39165542-1&cid=61684362.1676387575&jid=1641621373&_u=IADAAEAAAAAAACAAI~&z=462397967

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 15:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-39165542-1&cid=61684362.1676387575&jid=1641621373&_u=IADAAEAAAAAAACAAI~&z=462397967

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 15:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
690 B 148ms
131ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=4917861&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b527a131fdfa2266bbc2ebdf1ebdd6d1c8629f3656126bc9ab1f801b83dbf58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fafe5c69-63f0-4031-8951-b85b03065d19
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgPuCKiLVcCOGdeD6xFt4VF3FwyRE5ydhgwNaG%2Bv%2FvY5SD3NF0Kl%2BSh%2BGLYM9rDtvGyALShiT6ufRWa8Io6%2FcVM9uRl%2FO8lL5vrhRid544Nx%2B%2Ff2hQIRNSeLNDWNPn6Km8f1tNPNFJiHn5Szj%2FxC"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7996beacafa239e2-FRA

GET
H2 200 b1671511e9c44bb490fb259f82cb2849 Show response
app.hubspot.com/conversations-visitor/4917861/threads/utk/ Frame 2A39 51 KB
19 KB 243ms
186ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/4917861/threads/utk/b1671511e9c44bb490fb259f82cb2849?uuid=06152a81c2cf4e59ac62a23766e062cc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=lascatalinascr.com&inApp53=false&messagesUtk=b1671511e9c44bb490fb259f82cb2849&url=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eb1dbf6028c9840e4cbe92b44de6adc57bdb91b5e6a2deef8df144694fbed3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.lascatalinascr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 7996beae8df739da-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.14631/html/index.html&cfRay=7996beae8df739da&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F4917861%2Fthreads%2Futk%2Fb1671511e9c44bb490fb259f82cb2849%3Fuuid%3D06152a81c2cf4e59ac62a23766e062cc%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dlascatalinascr.com%26inApp53%3Dfalse%26messagesUtk%3Db1671511e9c44bb490fb259f82cb2849%26url%3Dhttps%253A%252F%252Fwww.lascatalinascr.com%252F%253Futm_campaign%253DState%252520of%252520the%252520Union%2526utm_medium%253Demail%2526_hsmi%253D245999380%2526_hsenc%253Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%2526utm_content%253D245999380%2526utm_source%253Dhs_email%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.lascatalinascr.com%2F&cfenv=prod&pdt=2023-02-14&csp=ro
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 15:12:56 GMT
etag: W/"55e5c9bed0e131bf786382cbaf7f0fea"
last-modified: Mon, 13 Feb 2023 11:01:19 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=7996beae8df739da&resource=conversations-visitor-ui/static-1.14631/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-amz-cf-id: r7caHxW7rtqwQhlaIgqWR-8XvfdFIH4UVyoyeD4o7FCiobUDmBseCA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 5mi3CrIPN1Ii4Ha3fCAb2TaLVZqXcmxT
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.14631/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
438 B 166ms
127ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: ca0a2f46-c059-467d-b872-ea7265fc13f1
x-trace: 2B6E5858C73E3C38BC43757777027368E05F437E0C000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7996beaf397f5c26-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 2C3A 0
77 B 17ms
16ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.lascatalinascr.com
Referer: https://www.lascatalinascr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.lascatalinascr.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 15:12:56 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 content Show response
www.lascatalinascr.com/api/ 5 MB
306 KB 219ms
219ms XHR
application/json 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lascatalinascr.com/api/content?cacheBuster=1676387576230

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

iws-04.ideawork.com

Software

Resource Hash

f91cb10c80e965158f2a044a5ee328ff6bc29ddc9dce0821f448c6860ca03fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"4b4549-BmB6L2LIle5WKDuAtDoSDQ"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-access-token
x-xss-protection: 1; mode=block

GET
H2 200 slides
www.lascatalinascr.com/api/ 8 MB
241 KB 423ms
422ms XHR
application/json 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lascatalinascr.com/api/slides?cacheBuster=1676387576230

Requested by

Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

iws-04.ideawork.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/?utm_campaign=State%20of%20the%20Union&utm_medium=email&_hsmi=245999380&_hsenc=p2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg&utm_content=245999380&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"803ddd-xu+jrbVuWFsFtXOsxh9Hcg"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-access-token
x-xss-protection: 1; mode=block

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 122 B
879 B 173ms
139ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=4917861

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bcaf246e662533f0caffbdb5a5d05ce5ea2ce271706c05e954a21f4fb069bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: af4a1aea-76c7-4dcd-abf9-25d8fc2f3ea8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BA1ECAEC88720E2CA8B2C5AAF8A05302610273FE9000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5uapMGA7Wzc%2FWDZ2j4CVEysSETKEn9wA2nmGaVUqmtVh7vqXRGcL96dOvFPNe40i67%2BbKLYXY7BLWoSuaIlSwHFeBcjDEr67nL8rJRYgQ5do5i%2BzbEwmMPeemfyhMNzTHaCkX0fJaSOuTU%2F"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 7996beaff9512bae-FRA
access-control-allow-headers: *

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.261/ Frame 2A39 44 KB
17 KB 43ms
19ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.261/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/4917861/threads/utk/b1671511e9c44bb490fb259f82cb2849?uuid=06152a81c2cf4e59ac62a23766e062cc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=lascatalinascr.com&inApp53=false&messagesUtk=b1671511e9c44bb490fb259f82cb2849&url=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347c0ca962ea3849e0aa42b6781e20b81fb173ce7ae066995ecdc105d6e6b288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
x-amz-version-id: kbko2gWCnmOy.RSPHi9a.GgtW8kBa5z1
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: DUS51-P2
age: 338788
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Feb 2023 15:15:11 GMT
server: cloudflare
etag: W/"c4604d0d0704572eba2d941c26300fcf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEfmd41K7Qx%2FaPzj8X4qtCqpDF0VEVnnmXk1%2FzgJx3M32OhEz2PTzeP8%2FACQPXpYX8GXL8xzPmJCnR%2FK8iBGrBWuWKYoQmHwUsvVAlxqGcaN1%2BtwO4KWh22%2F%2BzHTE%2FuIFx00hX8T3Y%2BJo7geBh6vq98%2Bal4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7996beafff955c80-FRA
x-amz-cf-id: 4ZDDmSglGBtNRphPDXkBhkrkgp-DTIMVOJKKjzK58w8yfEcez1GLpw==
expires: Wed, 14 Feb 2024 15:12:56 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14289/sass/ Frame 2A39 20 KB
4 KB 41ms
17ms Stylesheet
text/css 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14289/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

963563d75d17a3c2b444ad4d73e3e9c24a43f6f9e121cce484aa6c7d197af73c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
x-amz-version-id: 8cTUQYaMqbf6Yv8IIYst6y8hd.mcxuTh
via: 1.1 d78b645a0212e56f1a04609bf83554e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: BRU50-C1
age: 2230586
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 Jan 2023 19:32:55 GMT
server: cloudflare
etag: W/"3192955eca3e03437d10c02e718e1960"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9IYVCuAAEcP1nLJ1Mwgyhfg81DZ%2BedLvwQLT8vX7iTshHY1CWCE2fKn0jCE5HXCaSod0FFilgV%2FhwvZUYZ%2BtxBVZwCeCjsuP6G2RyyVsbXCF7gSTy8JOFi16VOut7Z%2Be33v3B8HLbbo6p3L%2FMRQQPfZ0F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7996beb00bc590e8-FRA
x-amz-cf-id: 7KgoMI2jVOlurzBM3o5Yv0huoWpr5EI-ITeNNKFLZ6r4eBd8DyHDKg==
expires: Wed, 14 Feb 2024 15:12:56 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.354/ Frame 2A39 295 KB
94 KB 44ms
20ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.354/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2449ac1a9451021a441c818e5eaed77a5e880504ad0815c40f0f19ab84ca6cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
x-amz-version-id: Aj74JH9zHucnM4eKyPxhPDYcnw_QEp7F
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 681409
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Feb 2023 23:38:38 GMT
server: cloudflare
etag: W/"e18613eeedf95727a868236b293e5f98"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KLSsrSzd%2FPEKO6FeWHq57z0Ucrlr0n1jHKBcImKeaTeYxWaDxviaDC8re8yIMzAMNJKcN2dAWYWSb%2FnvyxurlIr9JHP62qCfh%2FvTa1ak2o06HK8OZdW2N7Chw7OEyztiAU67%2Blpzl%2FAKM9PlKfvBDDjiCg%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7996beb00f975c80-FRA
x-amz-cf-id: y5S071SLCryuOP_3r57HbanBBMKX0Wz79wODaPR0VyIdkCQknKGPbw==
expires: Wed, 14 Feb 2024 15:12:56 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14631/bundles/ Frame 2A39 606 KB
178 KB 43ms
20ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14631/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b8e8609628cddbbf4ae6247516af3e05ca476b8935ddd2e19807e4939856a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
x-amz-version-id: 2NZmWnMFhZAFnGteTKNDb7njXLJqG8L7
via: 1.1 91a32e5723953e749bbbcb02b608eb88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG3-C2
age: 58278
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Feb 2023 22:57:19 GMT
server: cloudflare
etag: W/"61ec450599c974d3cc09ef81f2eddecd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfTBiSer33pD%2BrkeKWTmJ3Zb%2BtlhYiG1XcfnSnbN9drQEaUqUh0faSNpSmhOqY5APLSH7k7vvYgnItLUyfO2KdbyFolOp2lBZAc%2FQGdXKd5D4cD0fAg4BoIURfQCgAETUX1q3lUIv5YId1%2F8QJCi8%2BSzQxA%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7996beb00f985c80-FRA
x-amz-cf-id: GVBLEZUsHXhHlSQL5w8kNeGSJXwMRHo0CaQU_kefvBOpHd6X5FPNpQ==
expires: Wed, 14 Feb 2024 15:12:56 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.14602/ Frame 2A39 776 B
883 B 16ms
15ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14602/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14631/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191ee93668b8142afd97a4cc0df61ab61d58f68a820f7ea5466ca2568d5c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
x-amz-version-id: Gjc1mqdGhnc1u9vzrDKRHsudItDKsByw
via: 1.1 8c67cd84cef353f90d4d60a818799b26.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: DXB52-P1
age: 334776
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Feb 2023 16:20:39 GMT
server: cloudflare
etag: W/"3801c6ecbf979caf71a46cea9d9962c6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMDLMYTOK%2FvIBnIDw2yZThRGbQm%2BI6qCyNRtO%2FFIBiLcN5XHzqMMY%2B%2BEuAyI5GxYksNilzo2JpIMKJfFZtFZn1drq%2BWYoJ5%2FEhiATV3LkBP3o3q0vjJzIRB0mHCdFY%2BTIwZo19uExfBq3isiXdN4aiqO8%2B4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7996beb0c89a5c80-FRA
x-amz-cf-id: 27uCn6XdnVj3F2rflkKYMPhCC5ZPDhU0RkCO3eBRjhqnQ0tm2-nz6w==
expires: Wed, 14 Feb 2024 15:12:56 GMT

GET
H3 200 223368732033123 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 82ms
81ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/223368732033123?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

550c44b9c45bc2fdb6c849f272eb56d7311951b57d4b92ad0b8c3e2ae6dc781d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 15:12:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: n0lHMg6ol7Wm6Wktw0u881sri5mA7YiTHK+JeCQqmmzk1R+F/WtSDCHsXsOktG5tzFqDBdum2xcJF55YjY42gg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
516 B 139ms
138ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2789099452&v=1.1&a=4917861&rcu=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&pu=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&t=Beach+Town+in+Guanacaste%2C+Costa+Rica+%7C+Las+Catalinas&cts=1676387576484&vi=ec681bf610148cf34f2a0192a5b4c472&nc=true&u=197076275.ec681bf610148cf34f2a0192a5b4c472.1676387576481.1676387576481.1676387576481.1&b=197076275.1.1676387576481&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 64c5809e-a1b9-456a-8f45-b83bac0fa38c
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TX%2FMcdGobYe8GolJEeT%2Bwj4xFEi%2BbR2C3mBKuLohf4bYIQILXWjZrHIGgJybJmVFdGXsLn6M15ufyDQ5Pjsd%2FmkxmYgWGi4JEtzwjh7EVYbjk%2Bfq8kPsnwPOB8KyGUFxJE6rFXgIlTXO6SXOPpL7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7996beb109b639da-FRA
x-robots-tag: none

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 254 B
1 KB 161ms
160ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=4917861&utk=ec681bf610148cf34f2a0192a5b4c472&__hstc=197076275.ec681bf610148cf34f2a0192a5b4c472.1676387576481.1676387576481.1676387576481.1&__hssc=197076275.1.1676387576481&currentUrl=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f673afe1d6e88aa3baaa5d9bfac2a6bae3778055672d5c8ec65315d67469275e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e215e1da-5c8f-412b-9772-5be94d824a99
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3i39QR3pf%2FkBPdZDgexN5p6JG17ThhrkB1aBJWSNQfuGrJ5RvMWdxro2n58qzJiRT99HBRr6TZHJHEYj4Qqau8YccsREWeEcUlAC8rV5iKG1z0H7GrPgKFDfXEhE%2Biaco3KAwFtNOEaYTWyBs0R"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7996beb11f2b996f-FRA

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 2A39 0
1 KB 138ms
137ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14631

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14631/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/4917861/threads/utk/b1671511e9c44bb490fb259f82cb2849?uuid=06152a81c2cf4e59ac62a23766e062cc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=lascatalinascr.com&inApp53=false&messagesUtk=b1671511e9c44bb490fb259f82cb2849&url=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 0b31c549-1ebc-41ff-be75-532ad807397b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BH%2FwfFvWKaQwI9QeNBnrchqi%2FKk6Wi02ynWcxygpPtvojWcwrXBOlafGqo%2BkCZjGH2XYjzhfUQBpQqI5XEzdCqV%2FtsXxQhh0lPn6cqmvW2jd5L953xuZz96S4na3u04upBxNy3Cu27k1XL6pAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
cf-ray: 7996beb139e839da-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H2 200 welcomeMessages Show response
app.hubspot.com/api/livechat-public/v1/bots/public/bot/475799/ Frame 2A39 2 KB
1 KB 184ms
184ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/475799/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14631&conversations-visitor-ui=static-1.14631&traceId=b1671511e9c44bb490fb259f82cb2849&sessionId=AMOaWbLkHgaAFITuuVzS_hEYaKUSFkOpGWX8DxM69wzsLaIo6Pfe8k_QMj363i5yU1cLelkdK4faTRH0kG1tJuqQMzZSF7BM7brf6NI15c1apcwNL3O6BeW-Dz7ml7e-8twVgwWjZ-0O922FE7muj1Ar0yE-p9LmBnHVI-m0Rl0PV0iv_WqODrU

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.261/bundle.production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd48be3e68506ec08430ddbbd2e55665f21d6df3034bf14f57dadffb88ddf784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/conversations-visitor/4917861/threads/utk/b1671511e9c44bb490fb259f82cb2849?uuid=06152a81c2cf4e59ac62a23766e062cc&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=lascatalinascr.com&inApp53=false&messagesUtk=b1671511e9c44bb490fb259f82cb2849&url=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 607cbd09-9bd4-4c3f-b1f8-88f37b809f71
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B2EBB3105C6F435CDE37D16C08BDFACC4D7003F7D000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvIdvTfPs4Pw%2F2Vjm12JuOUmwMxq%2BWk0x%2Bt1uL%2BFYEygwwftfUJzHlXbkI7vt5G8jSBCQEFMkUeGPYpecQcmCZcCmydmYC0b%2Br7fS6VpwSHoxgDDqeof47g1TkRiFi%2BOC6dCV9biLrRy%2B0w0zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 7996beb139f239da-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 15ms
15ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=223368732033123&ev=PageView&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&rl=&if=false&ts=1676387576617&sw=1600&sh=1200&ud[external_id]=ec681bf610148cf34f2a0192a5b4c472&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676387575642.186696008&it=1676387575502&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 15:12:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
191 B 126ms
125ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 70063e73-aa37-4fa7-ad91-10a862890846
x-trace: 2BBDA22717EFD32B1A3A2446478054D1224819C357000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7996beb509495c26-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E5F6 0
15 B 15ms
15ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.lascatalinascr.com
Referer: https://www.lascatalinascr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.lascatalinascr.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 15:12:57 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 TradeGothicLTStd.woff2
www.lascatalinascr.com/dist/ 11 KB
11 KB 101ms
100ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lascatalinascr.com/dist/TradeGothicLTStd.woff2
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: fd1f2aeb41efa06892046cc701a6cef2740ec7220f435de826e2fa7fa140df2f

Request headers

Referer: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Origin: https://www.lascatalinascr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

last-modified: Thu, 19 Nov 2020 19:38:15 GMT
x-powered-by: Express
etag: W/"2ae0-175e203b7ff"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10976

GET
H2 200 MinionPro-Regular.woff2
www.lascatalinascr.com/dist/ 81 KB
81 KB 100ms
99ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lascatalinascr.com/dist/MinionPro-Regular.woff2
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: c51033a1c3e473e61b0c2393e1d51227156823cc5ea31eebb0d8ec501938340d

Request headers

Referer: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Origin: https://www.lascatalinascr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

last-modified: Thu, 19 Nov 2020 19:38:15 GMT
x-powered-by: Express
etag: W/"143b8-175e203b7e0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 82872

GET
H2 200 TradeGothicLTStd-Bd2.woff2
www.lascatalinascr.com/dist/ 11 KB
11 KB 102ms
102ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lascatalinascr.com/dist/TradeGothicLTStd-Bd2.woff2
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 5a366db3b4ce018209474e47e195866e32782449bfe30b46163bac8b4d502915

Request headers

Referer: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Origin: https://www.lascatalinascr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

last-modified: Thu, 19 Nov 2020 19:38:15 GMT
x-powered-by: Express
etag: W/"2ab8-175e203b7e0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10936

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/4917861/8084996b-d76c-48be-af6e-288e9d0e20af/ 2 KB
1 KB 145ms
135ms XHR
application/json 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4917861/8084996b-d76c-48be-af6e-288e9d0e20af/json?hs_static_app=forms-embed&hs_static_app_version=1.2642&X-HubSpot-Static-App-Info=forms-embed-1.2642&hutk=ec681bf610148cf34f2a0192a5b4c472

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0acfcc57094a2a4b3463d8bb2b629b20bce3c0dba3481c833992c585a36eeef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-origin-hublet: na1
date: Tue, 14 Feb 2023 15:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 47e1848c-ea50-4efd-9d40-2845c3827297
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BFA1C668E1BD3E2F2B4CC6C6DB453C37E778ECA51000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.lascatalinascr.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7996beb62e0dbba1-FRA

GET
H/1.1 200
OK weather Show response
api.openweathermap.org/data/2.5/ 498 B
875 B 71ms
22ms XHR
application/json 82.196.7.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.openweathermap.org/data/2.5/weather?id=3622294&APPID=9bd3938003efde84f8b9b29e090f067d&units=imperial
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.196.7.246 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 9737ab43c444f286b7a761fd3b16c9fffd230075d5fc96afb028e927e67cf5c8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.lascatalinascr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:12:57 GMT
Server: openresty
X-Cache-Key: /data/2.5/weather?APPID=9bd3938003efde84f8b9b29e090f067d&id=3622294&units=imperial
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 498

GET
H2 200 pattern.abf84b5f8d06911ad5f1cc5b0653f97a.png
www.lascatalinascr.com/dist/ 119 KB
119 KB 104ms
103ms Image
image/png 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lascatalinascr.com/dist/pattern.abf84b5f8d06911ad5f1cc5b0653f97a.png
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 984aec6c6503214522a53cbfe21c896830aaca8656d64c2d3e4d6b67d2d09d46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

last-modified: Thu, 19 Nov 2020 19:38:16 GMT
x-powered-by: Express
etag: W/"1da2c-175e203b966"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 121388

GET
H2 200 pattern-quote.c365fc85949cd53f328533e7db3e115e.png
www.lascatalinascr.com/dist/ 79 KB
79 KB 111ms
110ms Image
image/png 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lascatalinascr.com/dist/pattern-quote.c365fc85949cd53f328533e7db3e115e.png
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 3f752ff3f038e99b5d9dceff810114dbca8affdbbd07ce76009197812b828322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

last-modified: Thu, 19 Nov 2020 19:38:16 GMT
x-powered-by: Express
etag: W/"13ae3-175e203b918"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 80611

GET
H/1.1 200
OK home_stories_option2-1599076172366.jpg
s3.amazonaws.com/lascatalinascr/ 239 KB
239 KB 419ms
130ms Image
image/jpeg 54.231.225.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/home_stories_option2-1599076172366.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.225.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c78a9c768012d59816b23ffd1382e3fd4c0f836594e3a191ea07ef55990e25ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:12:58 GMT
Last-Modified: Wed, 02 Sep 2020 19:49:33 GMT
Server: AmazonS3
x-amz-request-id: 93GZ3NQQY1H198VN
ETag: "2a3f26729d70e368f93bee66cdb10287"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 244634
x-amz-id-2: XJNN7oknK06bE9r5nEjApG4mD0XO2DBpmNljyhvsO1jY/62R3RUrLiYJceKsAl7mSQTbkrtPxn4=

GET
H2 200 MinionPro-It.woff2
www.lascatalinascr.com/dist/ 81 KB
82 KB 108ms
108ms Font
application/font-woff2 13.68.180.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lascatalinascr.com/dist/MinionPro-It.woff2
Requested by: Host: www.lascatalinascr.com
URL: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.68.180.169 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: iws-04.ideawork.com
Software: / Express
Resource Hash: 95e5fa8c4fa24e776b3dd351ac115a6a3700d872fd9a72c34af75d142b916432

Request headers

Referer: https://www.lascatalinascr.com/dist/main.e508a75c03c66f61e771.css
Origin: https://www.lascatalinascr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

last-modified: Thu, 19 Nov 2020 19:38:15 GMT
x-powered-by: Express
etag: W/"145a0-175e203b7b1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 83360

GET
H/1.1 200
OK hero1-1599075813611.jpg
s3.amazonaws.com/lascatalinascr/ 226 KB
227 KB 471ms
130ms Image
image/jpeg 54.231.225.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/hero1-1599075813611.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.225.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 27adf96ac4096de99302b2ad07f917971206c2e447990e9749d0d6ca4a5f4ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:12:58 GMT
Last-Modified: Wed, 02 Sep 2020 19:43:34 GMT
Server: AmazonS3
x-amz-request-id: 93GTAVVER2ZY4K27
ETag: "4f8bbf4bc2a8b61508767a78e3b05c53"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 231846
x-amz-id-2: Ji8/g6f0d2sbt2pWxibHGHteMnIiE+JvPMNKxeeBMTKiiHPZXB88H+AKUEIXvf7bWkVI81K6Z9Y=

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
393 B 119ms
118ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 2e8d87b4-fbdc-4f7d-81d9-8920a7a374cd
x-trace: 2BA84B0E91F481A66E55F3AC0ABD6AEB31B20C5E79000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7996beb74b7b30f4-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
358 B 127ms
125ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 47ab7777-f28d-42d7-8972-49f7d8beeb39
x-trace: 2BB6DFF6555BDCC469AE9EC20F06324A32C6F4C26E000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7996beb74b7f30f4-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
639 B 138ms
137ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=8084996b-d76c-48be-af6e-288e9d0e20af&fci=81dabd33-5d3b-49a9-b967-07f2744e1795&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2789099452&v=1.1&a=4917861&rcu=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&pu=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&t=Beach+Town+in+Guanacaste%2C+Costa+Rica+%7C+Las+Catalinas&cts=1676387577477&vi=ec681bf610148cf34f2a0192a5b4c472&nc=true&u=197076275.ec681bf610148cf34f2a0192a5b4c472.1676387576481.1676387576481.1676387576481.1&b=197076275.1.1676387576481&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9ef8e040-08d2-4b4f-abb2-bf9267c1b727
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeUNd29tEb1gL3HcCdz7HbXzqiYOQHPFOVQyunUsOIUExQnb4He3i0tf7zhj4iVKh94dFkHV9oYNPddzAnMbJOD67AlEnuetV7a1ULwERQDCDDD5xshpY%2BfODZ6ZLLDxnpIEqERXlcqfHyDqNmX0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7996beb7483a6907-FRA
x-robots-tag: none

GET
H2 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
169 B 144ms
121ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 06bdd074-ad08-43aa-b36d-e3c93bd2723b
x-trace: 2B6340123FE2BDA865EF6544C9780AFF81A15C3EEB000000000000000000
vary: origin
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7996beb76c565c26-FRA
content-length: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
679 B 137ms
136ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=8084996b-d76c-48be-af6e-288e9d0e20af&fci=81dabd33-5d3b-49a9-b967-07f2744e1795&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2789099452&v=1.1&a=4917861&rcu=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&pu=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&t=Beach+Town+in+Guanacaste%2C+Costa+Rica+%7C+Las+Catalinas&cts=1676387577478&vi=ec681bf610148cf34f2a0192a5b4c472&nc=true&u=197076275.ec681bf610148cf34f2a0192a5b4c472.1676387576481.1676387576481.1676387576481.1&b=197076275.1.1676387576481&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a349825f-85a2-4eb2-940b-fed7240e8e36
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haQ6W5l9R%2B7C7rmOTTk3LUVSQ81Zpz%2Bb8xSLk5qF28BYxbdB3Fycm3kkYGMd3HniaqKPyZ%2Fnarrx4rHRsXQqXvibsBS6%2BmlEFJr2E0Fgb36AEwfau0yzZuY0vV2xG07p0YOlT4yp4DhZG7JHN8sy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7996beb7483e6907-FRA
x-robots-tag: none

GET
H/1.1 200
OK logo-1589389499543.png
s3.amazonaws.com/lascatalinascr/ 76 KB
77 KB 376ms
154ms Image
image/png 54.231.225.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/logo-1589389499543.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.225.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7183dcb7b3210c56bdc97da37f76b44ef73819378c605098eb8bcdd1bbd1501f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:12:58 GMT
Last-Modified: Wed, 13 May 2020 17:05:00 GMT
Server: AmazonS3
x-amz-request-id: 93GMDJ6WKTX01B5V
ETag: "088537018a404bd84ddb06a1a8a9cc02"
Content-Type: image/png
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 78067
x-amz-id-2: CRooPsnmqDkBkrt2lmYQ7kmHI/U4okjxPTgxqn1T8TMnYPHXTWXSZxet2pzIKHSWCFRSPhuNjXs=

GET
H/1.1 200
OK image2_option3-1599075965116.jpg
s3.amazonaws.com/lascatalinascr/ 227 KB
227 KB 358ms
136ms Image
image/jpeg 54.231.225.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/image2_option3-1599075965116.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.225.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f73bd5e44950f0b421895065806fb802170e52e7a9e608701f1f2f5a65f0405a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:12:58 GMT
Last-Modified: Wed, 02 Sep 2020 19:46:06 GMT
Server: AmazonS3
x-amz-request-id: 93GY428FB0FMZC50
ETag: "3b79e87fd998cfa783a56d582e129a2b"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 232390
x-amz-id-2: QqvDVnNI/a+oK9H8Ux8jy2HbcoRjspefyQaWvwNonzvgeIQozWibvb0YVZPA13T6fLRiBK9LXtM=

GET
H/1.1 200
OK image1_option1-1599075933472.jpg
s3.amazonaws.com/lascatalinascr/ 154 KB
154 KB 352ms
131ms Image
image/jpeg 54.231.225.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/image1_option1-1599075933472.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.225.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b58cf3ce28c99486a906e87c62a5be7433149ce729af18cb02a6e0cd6380f7f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:12:58 GMT
Last-Modified: Wed, 02 Sep 2020 19:45:34 GMT
Server: AmazonS3
x-amz-request-id: 93GR6YX5R6D4Q5R1
ETag: "93b3d1e84a2b091d14ebc6b3dc5d8119"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 157672
x-amz-id-2: h4rCpGT2KCFRasSCnCKAknj/d/62qIyLYPJB+gddfbJjwrqEgoXRUMGrfWDnoYGD4ik8B/hk8t4=

GET
H/1.1 200
OK image3_option2-1599075951521.jpg
s3.amazonaws.com/lascatalinascr/ 171 KB
172 KB 188ms
147ms Image
image/jpeg 54.231.225.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/image3_option2-1599075951521.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.225.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cc17a70a939f254e1789bb7b0ba1a9c10b427252dc6727e880aca8aceca82070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:12:58 GMT
Last-Modified: Wed, 02 Sep 2020 19:45:52 GMT
Server: AmazonS3
x-amz-request-id: 93GYKQ04WJ9QYMN1
ETag: "e1cd24508d3238cb24ab690085fc2e53"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 175503
x-amz-id-2: i6BznaMxKDMjC3aqR14SY8fweVGLtPCKeP/xher5Kp11/YuNYuXicOGLPdb6LlKpYA+XJrKNCk8=

GET
H/1.1 200
OK kljlk-1604702712772.jpg
s3.amazonaws.com/lascatalinascr/ 507 KB
507 KB 132ms
129ms Image
image/jpeg 54.231.225.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lascatalinascr/kljlk-1604702712772.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.225.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 18ec2ce446b2a126e9d6b21aef632263a7e6244bc71a7c110757d4e28f6c3f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 15:12:59 GMT
Last-Modified: Fri, 06 Nov 2020 22:45:13 GMT
Server: AmazonS3
x-amz-request-id: C0CGBMXB3M1FGP25
ETag: "ed3622f8319a0f9b6d78e229092b8f9a"
Content-Type: image/jpeg
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Length: 518671
x-amz-id-2: hZ/YvLlixzZ6oPFR8c9cxIm06bY7wKL8rsvQBMtAMN6BNBZdkmxtMUoI5tF73mSfzOJUmnVUfao=

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=184452950&t=pageview&_s=2&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&dp=%2F&ul=en-us&de=UTF-8&dt=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KCDACEABBAAAACACI~&jid=&gjid=&cid=61684362.1676387575&tid=UA-39165542-1&_gid=2132595567.1676387576&z=740618414

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 11:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14764
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 20ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SBPR8STE70&gtm=45je32d0&_p=184452950&cid=61684362.1676387575&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676387575&sct=1&seg=0&dl=https%3A%2F%2Fwww.lascatalinascr.com%2F%3Futm_campaign%3DState%2520of%2520the%2520Union%26utm_medium%3Demail%26_hsmi%3D245999380%26_hsenc%3Dp2ANqtz-_XFSE7i5JqqjWcRyYRW2mJIcH_m0ZB-A2n2XMGCIvfXjBU080oBeou3sRGzI06lEyAdpZ3SoVq4z1r5pOzAndnTZLDNg%26utm_content%3D245999380%26utm_source%3Dhs_email&dt=Beach%20Town%20in%20Guanacaste%2C%20Costa%20Rica%20%7C%20Las%20Catalinas&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SBPR8STE70
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lascatalinascr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 15:13:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lascatalinascr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Rosa.png
f.hubspotusercontent10.net/hub/4917861/hubfs/ Frame 2A39 11 KB
12 KB 130ms
87ms Image
image/webp 2606:4700::6810:d7ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent10.net/hub/4917861/hubfs/Rosa.png?width=108&height=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d7ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0300d7306151700c234de64660aed7e49e68d704053cc2f90de677c8997b84e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:13:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 264cb12aa5043fad64b302b378b99036.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 76229
x-amz-cf-pop: IAD12-P2
cf-polished: origFmt=png, origSize=24862
x-amz-server-side-encryption: AES256
edge-cache-tag: F-25313567958,P-4917861,FLS-ALL
cache-tag: F-25313567958,P-4917861,FLS-ALL
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
content-disposition: inline; filename="Rosa.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 11076
last-modified: Wed, 25 Jan 2023 22:46:53 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a9103fac1c591993aeebc0f4290e49ee"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 7996bed0fc2937e0-FRA
x-amz-cf-id: zWkukoz1CkKLjXGi65-M6sWfajWGoSd_xWf2LfwLBRbZ-beScfGLWQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.news.lascatalinascr.com/	1970-01-20 09:39:49	Name: __cf_bm Value: sE5CfHtpbC5stIvpNotKS2sWKFnCa_1zdczpBGqvFHo-1676387574-0-AerAfJT0vZlOHSVgGC+/rFe5+b6uot3zOXDBmf0YaWQ1vnQHy18eUJyIvlnzAwP3ETDW98wtWM0zDdkKP2XKi5A=
.news.lascatalinascr.com/	1969-12-31 23:59:59	Name: __cfruid Value: dfe632d8b4a8822879e0f3fca95b59d95ab76462-1676387574
.lascatalinascr.com/	1970-01-20 11:49:23	Name: _gcl_au Value: 1.1.1228321470.1676387575
.lascatalinascr.com/	1970-01-20 19:15:47	Name: _ga_SBPR8STE70 Value: GS1.1.1676387575.1.0.1676387575.0.0.0
.lascatalinascr.com/	1970-01-20 19:15:47	Name: _ga Value: GA1.2.61684362.1676387575
.lascatalinascr.com/	1970-01-20 09:41:13	Name: _gid Value: GA1.2.2132595567.1676387576
.lascatalinascr.com/	1970-01-20 09:39:47	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 09:39:48	Name: test_cookie Value: CheckForPermission
.lascatalinascr.com/	1970-01-20 11:49:23	Name: _fbp Value: fb.1.1676387575642.186696008
.hubspot.com/	1970-01-20 09:39:49	Name: __cf_bm Value: h4Vengo0Wqk31_adGZqQHWzwvJqsRwFp0Fy.r1iLpEI-1676387576-0-ARVHmobkpALIv/p3OLId+B6Nvc6WYKVcWrtoouusn6UOf1S9PRdnOzy4Za6mTjG5EZPmb5nOpAqDRub7o9tuWIA=
.lascatalinascr.com/	1970-01-20 13:58:59	Name: __hstc Value: 197076275.ec681bf610148cf34f2a0192a5b4c472.1676387576481.1676387576481.1676387576481.1
.lascatalinascr.com/	1970-01-20 13:58:59	Name: hubspotutk Value: ec681bf610148cf34f2a0192a5b4c472
.lascatalinascr.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.lascatalinascr.com/	1970-01-20 09:39:49	Name: __hssc Value: 197076275.1.1676387576481
.lascatalinascr.com/	1970-01-20 13:58:59	Name: messagesUtk Value: b1671511e9c44bb490fb259f82cb2849

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
api.openweathermap.org
app.hubspot.com
connect.facebook.net
f.hubspotusercontent10.net
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.usemessages.com
news.lascatalinascr.com
region1.google-analytics.com
s3.amazonaws.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.lascatalinascr.com
13.68.180.169
2001:4860:4802:32::36
2606:2c40::c73c:67e1
2606:4700:4400::ac40:9a55
2606:4700::6810:5605
2606:4700::6810:d7ed
2606:4700::6811:45b0
2606:4700::6811:71b0
2606:4700::6811:7fab
2606:4700::6811:8d2
2606:4700::6811:b849
2606:4700::6811:cccc
2606:4700::6811:d4cc
2606:4700::6811:e6cc
2606:4700::6811:eccc
2606:4700::6813:9b53
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2008
2a00:1450:4001:830::2004
2a00:1450:400d:80c::200e
2a00:1450:4025:401::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.231.225.232
82.196.7.246
0300d7306151700c234de64660aed7e49e68d704053cc2f90de677c8997b84e0
0acfcc57094a2a4b3463d8bb2b629b20bce3c0dba3481c833992c585a36eeef1
18ec2ce446b2a126e9d6b21aef632263a7e6244bc71a7c110757d4e28f6c3f9f
191ee93668b8142afd97a4cc0df61ab61d58f68a820f7ea5466ca2568d5c290d
1b527a131fdfa2266bbc2ebdf1ebdd6d1c8629f3656126bc9ab1f801b83dbf58
1d3e647b71b49d8251adf19a54728827cc5c65aa142b51c69148f86195c5e3c6
2449ac1a9451021a441c818e5eaed77a5e880504ad0815c40f0f19ab84ca6cfa
27adf96ac4096de99302b2ad07f917971206c2e447990e9749d0d6ca4a5f4ec4
339d18a42a9fd3f1f9355c4e1d583c16f43dde0455c93bfd2f2263870af6b1ee
347c0ca962ea3849e0aa42b6781e20b81fb173ce7ae066995ecdc105d6e6b288
3592a7b8e62c5e78bc6568cf5d84a690f7f1a755cad843bf171ce2bfb4947fc2
36b42aceb12f34135ce39544c6b143dbdd5690ee9a8809c49a3a37ba014bd200
3f752ff3f038e99b5d9dceff810114dbca8affdbbd07ce76009197812b828322
550c44b9c45bc2fdb6c849f272eb56d7311951b57d4b92ad0b8c3e2ae6dc781d
5736f20e2a413433b3af338e6cccd1318197981ce66e68ac810e723ccbf9c10c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a366db3b4ce018209474e47e195866e32782449bfe30b46163bac8b4d502915
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c445ea50253a58dd6cd7467b003e5a895b9f43b53315f093dce4de7efb29726
6eb1dbf6028c9840e4cbe92b44de6adc57bdb91b5e6a2deef8df144694fbed3d
7183dcb7b3210c56bdc97da37f76b44ef73819378c605098eb8bcdd1bbd1501f
75b8e8609628cddbbf4ae6247516af3e05ca476b8935ddd2e19807e4939856a2
767600ccf234dd4605ee64737f012fe17a458f1e250d5c2fa61575a8fc6ceed6
7bcaf246e662533f0caffbdb5a5d05ce5ea2ce271706c05e954a21f4fb069bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e4471a3538181c897921505a44274573fc86eb84f184c7178c6c330ea64f94d
8f0d5af5dac529d8df55989af9a32b66c164461b2db5754592e3790e0f7a04be
95e5fa8c4fa24e776b3dd351ac115a6a3700d872fd9a72c34af75d142b916432
963563d75d17a3c2b444ad4d73e3e9c24a43f6f9e121cce484aa6c7d197af73c
9737ab43c444f286b7a761fd3b16c9fffd230075d5fc96afb028e927e67cf5c8
984aec6c6503214522a53cbfe21c896830aaca8656d64c2d3e4d6b67d2d09d46
a235e45d3103d01cd8b448608b02a41fa735bc723c1f223d07e5aa5bd7ab9462
ad538d09c3dd60bd38ebcba24d1578627e4ebab065d7f42e5e27c159227cb991
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b58cf3ce28c99486a906e87c62a5be7433149ce729af18cb02a6e0cd6380f7f9
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c51033a1c3e473e61b0c2393e1d51227156823cc5ea31eebb0d8ec501938340d
c78a9c768012d59816b23ffd1382e3fd4c0f836594e3a191ea07ef55990e25ab
cc17a70a939f254e1789bb7b0ba1a9c10b427252dc6727e880aca8aceca82070
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd48be3e68506ec08430ddbbd2e55665f21d6df3034bf14f57dadffb88ddf784
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8ee3eea0ced23e01f78a8f59b9e37433f9e1e1746d136f492e579986cef113
ebce00d412b85b1747df202c3057bdc39aa5422769373f373c04186d05d11427
ecf76a9e9566a3194808006e05e59675f5a25b2d5b470bc746a535df75a2949a
eecc3057a235d1258ef85bef11a966ddc348be91cbde8db67ee183b08ce42d97
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f673afe1d6e88aa3baaa5d9bfac2a6bae3778055672d5c8ec65315d67469275e
f73bd5e44950f0b421895065806fb802170e52e7a9e608701f1f2f5a65f0405a
f7455fff3d4e08245186e113636f69cbc44679bdf8870de5e4fd9a835e3d2e93
f91cb10c80e965158f2a044a5ee328ff6bc29ddc9dce0821f448c6860ca03fac
fd1f2aeb41efa06892046cc701a6cef2740ec7220f435de826e2fa7fa140df2f
fd43cd92e272c2e3872abd9559900116d85f2899e76c00015c59360060bcf062

www.lascatalinascr.com Open in urlscan Pro 13.68.180.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

88 %IPv6

23 Domains

30 Subdomains

26 IPs

4 Countries

4281 kBTransfer

21145 kBSize

15 Cookies

15 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.lascatalinascr.com Open in urlscan Pro
13.68.180.169 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

88 %
IPv6

23
Domains

30
Subdomains

26
IPs

4
Countries

4281 kB
Transfer

21145 kB
Size

15
Cookies

72 HTTP transactions
0 data transactions