Submitted URL: http://rainbowvomit.com/
Effective URL: https://rainbowvomit.com/
Submission: On May 21 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 5 countries across 15 domains to perform 60 HTTP transactions. The main IP is 2a04:fa87:fffd::c000:4220, located in Ireland and belonging to AUTOMATTIC, US. The main domain is rainbowvomit.com.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.
This is the only time rainbowvomit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
28 | rainbowvomit.com | rainbowvomit.com | 2 MB
6 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 32); region1.google-analytics.com (Cisco Umbrella Rank: 2533) | 21 KB
5 | tiktok.com | analytics.tiktok.com (Cisco Umbrella Rank: 712) | 141 KB
4 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 317 KB
3 | youtube.com | www.youtube.com (Cisco Umbrella Rank: 64) | 16 KB
3 | fareharbor.com | fareharbor.com (Cisco Umbrella Rank: 25653) | 37 KB
3 | birdeye.com | birdeye.com (Cisco Umbrella Rank: 42230); webchat.birdeye.com (Cisco Umbrella Rank: 128992) | 5 KB
2 | mixpanel.com | api-js.mixpanel.com | 467 B
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 183) | 75 KB
1 | cloudfront.net | d3cnqzq0ivprch.cloudfront.net | 25 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 101) | 274 B
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 89) | 346 B
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 237) | 28 KB
1 | bizinga.com | reviews.bizinga.com (Cisco Umbrella Rank: 947492) | 577 B
1 | mxpnl.com | cdn.mxpnl.com (Cisco Umbrella Rank: 3738) | 19 KB
Total: 60 | 15

Requests | Domain | Requested by
28 | rainbowvomit.com | rainbowvomit.com
5 | analytics.tiktok.com | rainbowvomit.com; analytics.tiktok.com
4 | region1.google-analytics.com | www.googletagmanager.com
4 | www.googletagmanager.com | rainbowvomit.com; www.googletagmanager.com
3 | www.youtube.com | rainbowvomit.com; www.youtube.com
3 | fareharbor.com (1 redirects) | rainbowvomit.com; fareharbor.com
2 | api-js.mixpanel.com | analytics.tiktok.com
2 | webchat.birdeye.com |
2 | www.google-analytics.com | www.googletagmanager.com; analytics.tiktok.com
2 | connect.facebook.net | rainbowvomit.com; connect.facebook.net
1 | d3cnqzq0ivprch.cloudfront.net | analytics.tiktok.com
1 | www.facebook.com | rainbowvomit.com
1 | stats.g.doubleclick.net | analytics.tiktok.com
1 | cdnjs.cloudflare.com | rainbowvomit.com
1 | birdeye.com | rainbowvomit.com
1 | reviews.bizinga.com (1 redirects) |
1 | cdn.mxpnl.com | rainbowvomit.com
Total: 60 | 17

Subject | Issuer | Validity | Valid
rainbowvomit.com | R3 | 2024-05-14 - 2024-08-12 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-02-29 - 2024-05-29 | 3 months
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 - 2024-08-13 | a year
*.google-analytics.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.mxpnl.com | GeoTrust TLS RSA CA G1 | 2023-07-12 - 2024-08-11 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
production.fareharbor.com | Amazon RSA 2048 M02 | 2024-03-26 - 2025-04-24 | a year
*.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.birdeye.com | Go Daddy Secure Certificate Authority - G2 | 2023-09-17 - 2024-10-18 | a year
*.mixpanel.com | GeoTrust TLS RSA CA G1 | 2024-02-08 - 2025-03-10 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year

This page contains 5 frames:

Primary Page: https://rainbowvomit.com/
Frame ID: 9B876D4E8F2B36B0C7AA4EF853FC593D
Requests: 56 HTTP requests in this frame

Frame: https://fareharbor.com/embeds/cart/?u=dc60c6bf-32c3-43ee-b041-8a8a3ccbf2a7&from-ssl=yes&ga=UA-72993211-1%2C1468160851.1716317658%3B&ga4t=&g4=yes&cp=no&csp=no&back=https%3A%2F%2Frainbowvomit.com%2F
Frame ID: EDEC0302EA4AC147342BAC36EA8DB798
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/j_xYHcBRHXE?autoplay=1&controls=0&enablejsapi=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&origin=https%3A%2F%2Frainbowvomit.com&playsinline=1&rel=0&start&end&widgetid=1
Frame ID: A40A63971DCB2A2A31CA52985D804FDF
Requests: 1 HTTP requests in this frame

Frame: https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=197093&apikey=ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d&widgetApiVersion=2
Frame ID: DFFDE8094FB16BAB16B8D27B56F1C103
Requests: 1 HTTP requests in this frame

Frame: https://webchat.birdeye.com/getChatWindowContent?emailRequired=0&bNum=197093&mobileRequired=1&defaultCountryCode=0&apikey=ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d&widgetApiVersion=2&isMicroSite=false&activationStatus=false&isWidgetAlignLeft=false
Frame ID: 9DADF53A2D64C230CC2348077AD3E517
Requests: 1 HTTP requests in this frame

Page Title

Rainbow Vomit | Immersive Art Experience Dallas, TX

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • birdeye\.com/embed
  • birdeye\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 60
HTTPS: 97 %
IPv6: 53 %
Domains: 15
Subdomains: 17
IPs: 18
Countries: 5
Transfer: 2369 kB
Size: 4341 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rainbowvomit.com/ HTTP 307
    https://rainbowvomit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://reviews.bizinga.com/embed/v6/197093/1/770641554/ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d HTTP 302
  • https://birdeye.com/embed/v6/197093/1/770641554/ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d
Request Chain 11
  • https://fareharbor.com/embeds/api/v1/ HTTP 302
  • https://fareharbor.com/static/dist/integration-kit-bundle.js

60 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
rainbowvomit.com/
Redirect Chain
  • http://rainbowvomit.com/
  • https://rainbowvomit.com/
114 KB
26 KB
Document
General
Full URL
https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
740bdab811505d373ce655dfa3ebcad45a299f7a6de439ea86170789b09d9750

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=300, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 21 May 2024 18:54:17 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://rainbowvomit.com/wp-json/>; rel="https://api.w.org/" <https://rainbowvomit.com/wp-json/wp/v2/pages/468>; rel="alternate"; type="application/json" <https://rainbowvomit.com/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache
EXPIRED
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 111 254 443

Redirect headers

Location
https://rainbowvomit.com/
Non-Authoritative-Reason
HttpsUpgrades
/
rainbowvomit.com/_static/
172 KB
29 KB
Stylesheet
General
Full URL
https://rainbowvomit.com/_static/??-eJylkUtuwzAMBS9URkiatquiZ6El2iYskQapxMjtIzfLrmrtiAfOgJ+wrRBVKkkNdaZCHkY0mtEGNXCuLYjuYbhxTq+OwGVVq35q+Vv4Fz9kjUsLGoCxAsuoxy1ccKJOHAYUIQPTrdc0Yc5kj+OazLL0WzxzIp91e1UAratyUWHMHVaNjYdCiRH2QTu+f29j6cGL30mS2r5aXP7ga75NLO0f4hUnwwIjUYLV9NfgA4PXRyY/FZad/inf56/z5+Vy/bi+PwF1yiVm
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
067911efc5dfd3f378eccb1dc2f159b073b754aa325b193276aa836f121bcd42

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
br
x-rq
hhn1 111 254 443
last-modified
Mon, 20 May 2024 17:02:23 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 21 May 2024 18:54:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1294, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
EXz6acweQ25v4YVRrlT9u4sSxL+WdgwqMwXOT82EazNf7DOx3yupp8cJzBFEkraUsqCftlvkRuhbzEIgl2TZOg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/
4 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLJ72DJC77U4D7KCLBDG&lib=ttq
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.12.173 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-12-173.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2db322ca94503daff7186a4918c58a64419495601ffff2146ceffca2579aeed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
8406c087.13c1910
date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2405211854171E987294974E166A4EB4-1B1AB44640237C56-00
x-cache
TCP_MISS from a2-16-119-173.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time
111,2.16.119.173
server-timing
cdn-cache; desc=MISS, edge; dur=104, origin; dur=11, inner; dur=7
content-length
1482
pragma
no-cache
server
nginx
x-tt-logid
202405211854171E987294974E166A4EB4
x-cache-remote
TCP_MISS from a23-218-223-77.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.218.223.77
x-tt-trace-host
015c91947f38d3c27845e9b099943b1b0daa06bae77be1c3ee68008d18f399b6d14fae3523785f1010a60497a8a99ac5237419012c6a0ca6a87ff26ebcf0a883b76f2eb08a5c6ee36afec54e739e08bd053d19f7839976ac49874208a4aa2af69ba424dc9a957fd977e1dcb730fcdb2331
expires
Tue, 21 May 2024 18:54:17 GMT
js
www.googletagmanager.com/gtag/
123 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aedd2199c022c69d40bd7b1b1f681d6516d9b0b1895c22c5543d14d26c2266cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48171
x-xss-protection
0
last-modified
Tue, 21 May 2024 18:37:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 May 2024 18:54:17 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/
54 KB
19 KB
Script
General
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:52:19 GMT
content-encoding
gzip
age
118
x-guploader-uploadid
ABPtcPpOb85uEEADPM74aV-q8X8DFTRk7xk4mRYrCeHfgI4OZj7DohVnEI9YV954icjgrr0R3WM8yNqFfg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18793
last-modified
Fri, 26 Apr 2024 20:55:25 GMT
server
UploadServer
etag
"699087d24603faf41a8ef844dd0c55d1"
vary
Accept-Encoding
x-goog-generation
1714164925156474
x-goog-hash
crc32c=4oRQEw==, md5=aZCH0kYD+vQajvhE3QxV0Q==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18793
accept-ranges
bytes
expires
Tue, 21 May 2024 19:02:19 GMT
Rainbow-Vomit-exude-love-logo-WIDE1.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
45 KB
46 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/Rainbow-Vomit-exude-love-logo-WIDE1.png?w=600
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b533f0c07f662f24ef3640ba6d9778e70b708b5767dccae54021e5fa43b80ef6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
x-rq
hhn1 109 30 443
last-modified
Fri, 17 May 2024 11:06:55 GMT
server
nginx
etag
"c8a164898ba2de50"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
46352
4379022.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
4 KB
4 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/4379022.png?w=1200
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3dfd330a8eae1561af7cc6d2adcb1e39613a3442dda9697b2c27007d3fba95f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
width
770
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
x-rq
hhn1 109 27 443
last-modified
Fri, 17 May 2024 11:06:55 GMT
server
nginx
etag
"52dfe752a76dd541"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
4376
4379024.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
9 KB
10 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/4379024.png?h=150
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
975f0642546c800db136ef156d328aba12bd319899fb68fa5c03b1947f69ab53

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
width
477
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
x-rq
hhn1 109 84 443
last-modified
Fri, 17 May 2024 11:06:55 GMT
server
nginx
etag
"bfab8380b97d64c8"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
9666
4379023.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
7 KB
7 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/4379023.png?w=1200
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
74b8694103ca5a913d27d154a49e5b339dad79bd1b0e9510f04f4dd057fbf9a2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
width
770
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
x-rq
hhn1 109 144 443
last-modified
Fri, 17 May 2024 11:06:55 GMT
server
nginx
etag
"f4c3f4ae92e6783f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
6804
DFW_On_Dark@3x-3.webp
rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/
4 KB
4 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/DFW_On_Dark@3x-3.webp?w=1200
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
771c5de3e2ff6eec34627ee9dff7a8e3bb0a84500be887040af15830bd4c07c8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
width
274
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
x-rq
hhn1 109 86 443
last-modified
Fri, 17 May 2024 11:06:55 GMT
server
nginx
etag
"fabc55913be37f2d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
4282
ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d
birdeye.com/embed/v6/197093/1/770641554/
Redirect Chain
  • https://reviews.bizinga.com/embed/v6/197093/1/770641554/ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d
  • https://birdeye.com/embed/v6/197093/1/770641554/ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d
19 KB
5 KB
Script
General
Full URL
https://birdeye.com/embed/v6/197093/1/770641554/ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Server
52.9.117.201 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-117-201.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
14c023c7bd61fdceb1ee2c5d8b40b0f405ad0f9fd671efa6a1c7c3cc51a521b9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://rainbowvomit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 21 May 2024 18:54:18 GMT
content-encoding
gzip
access-control-allow-credentials
true
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript

Redirect headers

Date
Tue, 21 May 2024 18:54:17 GMT
Server
nginx
Vary
Origin, Accept, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Location
https://birdeye.com/embed/v6/197093/1/770641554/ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
118
X-XSS-Protection
1; mode=block;
integration-kit-bundle.js
fareharbor.com/static/dist/
Redirect Chain
  • https://fareharbor.com/embeds/api/v1/
  • https://fareharbor.com/static/dist/integration-kit-bundle.js
101 KB
35 KB
Script
General
Full URL
https://fareharbor.com/static/dist/integration-kit-bundle.js
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Server
52.9.125.55 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-125-55.us-west-1.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
8df608b9c44d5178851a3e065d41100374064ebf47dd0e69af12789a63eab468
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://rainbowvomit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-fh-loadbalancer
production
x-amz-request-id
W0XPMA4MPQAENCM1
x-amz-server-side-encryption
AES256
x-amz-id-2
J1eov5CdBDoA4mN5VttfZenO1VJyvBxF6le5Cs4QKS3Sp/wishb/6RnWGAHpHd2IklPRFvnxg8A=
x-xss-protection
1; mode=block
x-amz-expiration
expiry-date="Tue, 20 Aug 2024 00:00:00 GMT", rule-id="remove_old_files"
last-modified
Tue, 21 May 2024 14:20:03 GMT
server
AmazonS3
etag
"a1c8403824c5f4a2f7cb39cd1466727e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3153600

Redirect headers

date
Tue, 21 May 2024 18:54:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-fh-loadbalancer
production
x-amzn-trace-id
Root=1-664cedd9-5f230c680fe8b08b0714ff9b
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
vary
Accept-Encoding, Cookie
content-language
en-us
location
https://fareharbor.com/static/dist/integration-kit-bundle.js
p3p
CP="This is not a P3P policy."
content-type
text/html; charset=utf-8
content-length
0
x-xss-protection
1; mode=block
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1641050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vALjprLIjwIm5QqfF0SO43S6FSsw74rkRoIF1q7xMn87ZRaP3%2FtDQG0eVniMMtLLvCxOBjOMae1IPwLtZGQDI9rB994kEj8Si52tfxrxq4wVVT5YBjaGGZ0xjrWD4mykOf1iuib"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8876c62f5c0f2bc3-FRA
expires
Sun, 11 May 2025 18:54:17 GMT
/
rainbowvomit.com/_static/
151 KB
50 KB
Script
General
Full URL
https://rainbowvomit.com/_static/??-eJydjksOgzAMRC9U14LyWSHOEhKXOCSkskNRb1/EDWAz0hvpjQb3D9i8FloLFk+JFN9GyBuZsoByOYqgOG0cHZ74DPrAK9aXHWWQvF82NbJd7lnAycwEs4mR5Hdz40hH6s/nYxqqvurqummbV/gDo39z0Q==
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b3bc1649ff816011ae1fd1a11c26b674d758314ddc9336fb4d7b997541db5f97

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
br
x-rq
hhn1 111 253 443
last-modified
Mon, 20 May 2024 17:02:23 GMT
server
nginx
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
204 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-72993211-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db62eeaafd6cc5c176131ee897fce0fa65ac376ed637de3b67af514b1ea9097a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75043
x-xss-protection
0
last-modified
Tue, 21 May 2024 18:37:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 May 2024 18:54:17 GMT
js
www.googletagmanager.com/gtag/
284 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2CHJ9R6QSF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d64559f8b92d1b53101ead68e6549baff42ed551d6bd56e54c9f03b838b18f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98105
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 21 May 2024 18:54:17 GMT
js
www.googletagmanager.com/gtag/
304 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CFFR6Z737C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc6035dfc9a4abf064076b5ebe6a176fcd6e62ec094403f3f5b13056faa4f4ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102893
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 21 May 2024 18:54:17 GMT
601831030245337
connect.facebook.net/signals/config/
76 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/601831030245337?v=2.9.156&r=stable&domain=rainbowvomit.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c8e6cba0468687d303c9108186b7c5dc130a5b4b437d7ff927a617679175f2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 21 May 2024 18:54:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=1, c=45, mss=1294, tbw=63385, tp=-1, tpl=-1, uplat=305, ullat=0
pragma
public
x-fb-debug
oSBrjyWH4X2zelDpzrQ5eUsqTeSakLV4ggGiOc10LnprL46V3+wHOUbmvnk6f9qav14syntMiriAxBPIqqMeaA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MWJjYTQ0ZWY3MA.js
analytics.tiktok.com/i18n/pixel/static/
334 KB
97 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLJ72DJC77U4D7KCLBDG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.12.173 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-12-173.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cc21ce182af6c59ff1e8b724d83b1466f88d8fac79ea8ec63c766c94c8f00748

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
13c1984
date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240521140000712BBF886CB86451BDAD
x-tt-trace-id
00-240521140000712BBF886CB86451BDAD-41C8253D7EF49AB6-00
vary
Accept-Encoding
x-cache
TCP_HIT from a2-16-119-173.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01d77d1cd3fc61582f3e2d21332ee52e14c06ee5777a99036de48be9e336dc22bd5448ac4b799814f8bae102ac1f9b2b9d35ecb9615ecb8b3d91ca52736cb16ee34f5feae6f72b7efe0995940ae3c05e700c80c5a153775a158076ad1e5152f2f9
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
99060
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72993211-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 21 May 2024 17:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4394
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 21 May 2024 19:41:03 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2CHJ9R6QSF&gtm=45je45f0h1v889860019za200&_p=1716317657457&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1468160851.1716317658&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716317657&sct=1&seg=0&dl=https%3A%2F%2Frainbowvomit.com%2F&dt=Rainbow%20Vomit%20%7C%20Immersive%20Art%20Experience%20Dallas%2C%20TX&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.dimension1=fareharbor-sites&tfd=1129
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2CHJ9R6QSF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 21 May 2024 18:54:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rainbowvomit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdobeStock_247929178-scaled.jpeg
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
196 KB
197 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/AdobeStock_247929178-scaled.jpeg?w=1600
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6e2365d9da911651e8763b50cacf0b912b95dc2a55a32863197200d3e83f52a3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:17 GMT
x-rq
hhn1 109 140 443
last-modified
Fri, 17 May 2024 11:06:55 GMT
server
nginx
etag
"323cb0aad020f338"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
201018
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CFFR6Z737C&gtm=45je45f0v9172196897za200&_p=1716317657457&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1468160851.1716317658&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1716317657&sct=1&seg=0&dl=https%3A%2F%2Frainbowvomit.com%2F&dt=Rainbow%20Vomit%20%7C%20Immersive%20Art%20Experience%20Dallas%2C%20TX&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1167
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CFFR6Z737C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 21 May 2024 18:54:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rainbowvomit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
noto-sans-latin-400-normal.woff2
rainbowvomit.com/wp-content/uploads/sites/3771/2024/05/
13 KB
13 KB
Font
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2024/05/noto-sans-latin-400-normal.woff2
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4c0aea6139bcfbb5d8295db45717b7dab4b1ea854564068c5cac0c2cefc679fd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Origin
https://rainbowvomit.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 196 443
last-modified
Wed, 15 May 2024 07:38:47 GMT
server
nginx
etag
"65cbe9b54c2fc48d"
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
x-cache
HIT
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
13336
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.12.173 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-12-173.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
13c19e8
date
Tue, 21 May 2024 18:54:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240521140000F6EA61DCE730BE4411EC
x-tt-trace-id
00-240521140000F6EA61DCE730BE4411EC-2D7B7F7384BCF572-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-16-119-173.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01ac90f4fca667dcd40480339625fdd61fe23873559f2b4083f970602291e9e24326b4415d96a0c88ccdaa0bc6c0161d69e54c8a40cf3ad3a579705437624bde7cebacb28eaac92deb5d8d5045ee06b3640f125733d2e7e8718dc1f1dbfb3f10de
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39684
pixel
analytics.tiktok.com/api/v2/
0
702 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.12.173 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-12-173.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
13c19ec
date
Tue, 21 May 2024 18:54:17 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240521185417B9D8971DE5E7AABB8B68-5FCAA6CF3B5FE3F1-00
x-cache
TCP_MISS from a2-16-119-173.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing
inner; dur=26, cdn-cache; desc=MISS, edge; dur=7, origin; dur=126
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240521185417B9D8971DE5E7AABB8B68
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
127,2.16.119.173
x-tt-trace-host
015c91947f38d3c27845e9b099943b1b0d45133ccc5ee37f62c24f68710b22a18d7bbc0727669026a7b4f9e2d008321802515496d563f40e3ac360708cc09ce97e05f2262cd47e3e37ffda5ad59c7125f0a060883405cffcc7e764135f44f91883
access-control-allow-headers
Authorization,*
expires
Tue, 21 May 2024 18:54:17 GMT
questrial-latin-400-normal.woff2
rainbowvomit.com/wp-content/uploads/sites/3771/2024/05/
19 KB
19 KB
Font
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2024/05/questrial-latin-400-normal.woff2
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Origin
https://rainbowvomit.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 150 443
last-modified
Wed, 15 May 2024 07:38:22 GMT
server
nginx
etag
"ce115b54024eb1d6"
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
x-cache
HIT
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
19292
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1094097700&t=pageview&_s=1&dl=https%3A%2F%2Frainbowvomit.com%2F&ul=de-de&de=UTF-8&dt=Rainbow%20Vomit%20%7C%20Immersive%20Art%20Experience%20Dallas%2C%20TX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1726060449&gjid=1225923805&cid=1468160851.1716317658&tid=UA-72993211-1&_gid=2097941049.1716317658&_r=1&gtm=457e45f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd1=fareharbor-sites&jsscut=1&npa=1&z=292708809
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 May 2024 18:54:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rainbowvomit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
346 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72993211-1&cid=1468160851.1716317658&jid=1726060449&gjid=1225923805&_gid=2097941049.1716317658&npa=1&_u=YADAAUAAAAAAACAAI~&z=1566348773
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 21 May 2024 18:54:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rainbowvomit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=601831030245337&ev=PageView&dl=https%3A%2F%2Frainbowvomit.com%2F&rl=&if=false&ts=1716317657938&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716317657936.1629336076&hmd=70702cf0410687522934cfb3&pl=https%3A%2F%2Frainbowvomit.com%2F&cs_est=true&ler=empty&cdl=API_unavailable&it=1716317657598&coo=false&rqm=GET
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2775, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 21 May 2024 18:54:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
act
analytics.tiktok.com/api/v2/pixel/
0
842 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.12.173 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-12-173.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
900a3d8c.13c1ab2
date
Tue, 21 May 2024 18:54:18 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24052118541854FEEFCE72CFDC5AB8EA-1CC805646C6A98D7-00
x-cache
TCP_MISS from a2-16-119-173.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time
116,2.16.119.173
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=28, inner; dur=24
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024052118541854FEEFCE72CFDC5AB8EA
x-cache-remote
TCP_MISS from a104-78-78-20.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
28,104.78.78.20
x-tt-trace-host
015c91947f38d3c27845e9b099943b1b0d45133ccc5ee37f62c24f68710b22a18d92ca0013925589d1ce15011cefb9906574e33eedcf784f515291d538c7866ab6b7182571b77437162a13eb3ce6731d12d1ae883ff5b48ddd83dbb762601a1389ada882d3511e45eafbf5611815e806ed
access-control-allow-headers
Authorization,*
expires
Tue, 21 May 2024 18:54:18 GMT
/
fareharbor.com/embeds/cart/ Frame EDEC
0
0
Document
General
Full URL
https://fareharbor.com/embeds/cart/?u=dc60c6bf-32c3-43ee-b041-8a8a3ccbf2a7&from-ssl=yes&ga=UA-72993211-1%2C1468160851.1716317658%3B&ga4t=&g4=yes&cp=no&csp=no&back=https%3A%2F%2Frainbowvomit.com%2F
Requested by
Host: fareharbor.com
URL: https://fareharbor.com/embeds/api/v1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.125.55 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-125-55.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://rainbowvomit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-language
en-us
content-security-policy-report-only
form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dipr2nuwo661l.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com https://www.gstatic.com dipr2nuwo661l.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https//*.gstatic.com dipr2nuwo661l.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
content-type
text/html; charset=utf-8
date
Tue, 21 May 2024 18:54:19 GMT
p3p
CP="This is not a P3P policy."
strict-transport-security
max-age=31536000
vary
Accept-Encoding Cookie
x-amzn-trace-id
Root=1-664cedda-24dd4a3b4e3060d12a1a998b
x-content-type-options
nosniff
x-fh-loadbalancer
production
x-xss-protection
1; mode=block
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/_static/??-eJydjksOgzAMRC9U14LyWSHOEhKXOCSkskNRb1/EDWAz0hvpjQb3D9i8FloLFk+JFN9GyBuZsoByOYqgOG0cHZ74DPrAK9aXHWWQvF82NbJd7lnAycwEs4mR5Hdz40hH6s/nYxqqvurqummbV/gDo39z0Q==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ca9cff4c3e7fefab522786421cf297a56db58f69a66b067eeda886528a2f7eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 21 May 2024 18:54:18 GMT
337c91ea76d2957ed26147020b4c063b.jpg
rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/
9 KB
10 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/337c91ea76d2957ed26147020b4c063b.jpg?resize=200%2C200
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
11db9f8169900e3066b3621f40913e14b8a378fdddef2b25cc457d46846930a4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 200 443
last-modified
Fri, 17 May 2024 11:06:56 GMT
server
nginx
etag
"e86d5e32c1c1a9af"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
9516
SORA0073-scaled.jpg
rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/
7 KB
7 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/SORA0073-scaled.jpg?resize=200%2C200
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a33e00f906726f5eb0e129e6b4f1d8f90759bd734661d134dbb9f1b15d9ae80e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 88 443
last-modified
Fri, 17 May 2024 11:06:56 GMT
server
nginx
etag
"552b643e43c38abd"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
6720
6ae63714ae0db3dc83222dfa639b3c4c-1.jpg
rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/
10 KB
10 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/6ae63714ae0db3dc83222dfa639b3c4c-1.jpg?resize=200%2C200
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f5626dbf2f1b1e555d54a8a7b0c5c261d5157266cabfede4cb04d9dc6ff47ea3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 198 443
last-modified
Fri, 17 May 2024 11:06:56 GMT
server
nginx
etag
"92390d603b93e10d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
10502
2022-Love-Story-Dee-Rob-1-1-scaled.jpg
rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/
8 KB
8 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/2022-Love-Story-Dee-Rob-1-1-scaled.jpg?resize=200%2C200
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b861f7560ed263074b0f3b2eda79bdbe6d097d02aa984f6952801f6b1e00aa5e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 83 443
last-modified
Fri, 17 May 2024 11:06:56 GMT
server
nginx
etag
"fc06c63963a46615"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
8332
SORA0146-1-scaled.jpg
rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/
15 KB
15 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/SORA0146-1-scaled.jpg?resize=200%2C200
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a7b4785e720e2508472dee29a4e03d37f5a350e1bab22493d02e9945c2de2ade

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 144 443
last-modified
Fri, 17 May 2024 11:06:56 GMT
server
nginx
etag
"d80ade99e4b1b915"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
14942
7ed35447b6d2649eb44be57859ff9896.jpg
rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/
10 KB
10 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/11/7ed35447b6d2649eb44be57859ff9896.jpg?resize=200%2C200
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e3ad0652afbd77992316191ba85360bd1ef0d6ff4ad638eaa9b61fa05091bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 88 443
last-modified
Fri, 17 May 2024 11:06:56 GMT
server
nginx
etag
"7b006de2b86587fd"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
10082
about-2.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
28 KB
28 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/about-2.png?w=1600
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b8ac4d55b0009f19bbdf889c3dfc817089cbb12943b57044e6c0fd560a697834

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
width
166
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 202 443
last-modified
Fri, 17 May 2024 11:06:56 GMT
server
nginx
etag
"2ef48f29cd47f51f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
28748
www-widgetapi.js
www.youtube.com/s/player/018e9916/www-widgetapi.vflset/
42 KB
14 KB
Script
General
Full URL
https://www.youtube.com/s/player/018e9916/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
727c77ec19d827a0c2e8e6f289b8031b6d753ff14b219a0e8f15d0a71e6c8bd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 17:00:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
6851
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13955
x-xss-protection
0
last-modified
Mon, 20 May 2024 04:17:48 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 21 May 2025 17:00:07 GMT
j_xYHcBRHXE
www.youtube.com/embed/ Frame A40A
0
0
Document
General
Full URL
https://www.youtube.com/embed/j_xYHcBRHXE?autoplay=1&controls=0&enablejsapi=1&fs=0&iv_load_policy=3&loop=1&modestbranding=1&origin=https%3A%2F%2Frainbowvomit.com&playsinline=1&rel=0&start&end&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/018e9916/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://rainbowvomit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 21 May 2024 18:54:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
Rainbow-Vomit-MOST-POPULAR.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
228 KB
228 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/Rainbow-Vomit-MOST-POPULAR.png?w=600
Requested by
Host: rainbowvomit.com
URL: https://rainbowvomit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a0bffb4a44f1d3a89cc9daa7174ffc3cb301f69f0551e38cb1c8e7ce443a5105

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:19 GMT
x-rq
hhn1 109 140 443
last-modified
Fri, 17 May 2024 11:06:57 GMT
server
nginx
etag
"7d3792a4057a7f0b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
233304
rainbowvomit.png
rainbowvomit.com/wp-content/uploads/sites/3771/2022/05/
2 KB
2 KB
Other
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2022/05/rainbowvomit.png?w=32&h=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ad608680b82050e793de98fa776139629d4709846239ea8208772d240204b2dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:20 GMT
x-rq
hhn1 109 200 443
last-modified
Thu, 16 May 2024 05:51:02 GMT
server
nginx
etag
"e08860de46430ec9"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
1842
getBubbleContent
webchat.birdeye.com/ Frame DFFD
0
0
Document
General
Full URL
https://webchat.birdeye.com/getBubbleContent?update=0&source=false&bNum=197093&apikey=ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d&widgetApiVersion=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.176.57.3 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-57-3.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://rainbowvomit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 May 2024 18:54:21 GMT
etag
W/"58e-9GWusidyjcw6dKNMox4XSfsUq94"
vary
Accept-Encoding
x-powered-by
Express
Rainbow-Vomit-MOST-POPULAR.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
228 KB
0
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/Rainbow-Vomit-MOST-POPULAR.png?w=600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a0bffb4a44f1d3a89cc9daa7174ffc3cb301f69f0551e38cb1c8e7ce443a5105

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:19 GMT
x-rq
hhn1 109 140 443
last-modified
Fri, 17 May 2024 11:06:57 GMT
server
nginx
etag
"7d3792a4057a7f0b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
233304
Rainbow-Vomit-Ultimate-Creators-Package-image-1.jpg
rainbowvomit.com/wp-content/uploads/sites/3771/2024/03/
21 KB
21 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2024/03/Rainbow-Vomit-Ultimate-Creators-Package-image-1.jpg?w=600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
37be6b0f25c824158ee6acf625016563c7352e239519e8c4edec29bdc5a2571b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:21 GMT
x-rq
hhn1 109 30 443
last-modified
Fri, 17 May 2024 11:06:58 GMT
server
nginx
etag
"0f2eb95f925fd626"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
21162
Sanctuary.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
228 KB
229 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/Sanctuary.png?w=600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b6d31877ff7248d95b49f8308e4b5675b13da69ca07ab6d246d4f0977d0453ea

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:21 GMT
x-rq
hhn1 109 36 443
last-modified
Fri, 17 May 2024 11:06:59 GMT
server
nginx
etag
"18ab745c5637819d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
233526
about-1.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
28 KB
28 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/about-1.png?w=1600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e2a06654c9a333224dcad5d5678468263f44a121020168953426171a78737a9b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
width
1600
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:21 GMT
x-rq
hhn1 109 30 443
last-modified
Fri, 17 May 2024 11:06:59 GMT
server
nginx
etag
"b065c9c65b5058d4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
28490
getChatWindowContent
webchat.birdeye.com/ Frame 9DAD
0
0
Document
General
Full URL
https://webchat.birdeye.com/getChatWindowContent?emailRequired=0&bNum=197093&mobileRequired=1&defaultCountryCode=0&apikey=ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d&widgetApiVersion=2&isMicroSite=false&activationStatus=false&isWidgetAlignLeft=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.176.57.3 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-57-3.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://rainbowvomit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 May 2024 18:54:21 GMT
etag
W/"1e617-ofktsrk3LeIQ1kdoO0kR12QUZb8"
vary
Accept-Encoding
x-powered-by
Express
Rainbow-Vomit-exude-love-logo-WIDE2-e1686261951178.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
24 KB
24 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/Rainbow-Vomit-exude-love-logo-WIDE2-e1686261951178.png?w=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1dda0c4dedc8d83256e39d40a7e9e668293e0d6edfcee1ef5070a8fa905b3b80

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:21 GMT
x-rq
hhn1 109 27 443
last-modified
Fri, 17 May 2024 11:06:59 GMT
server
nginx
etag
"d5978c24633ad4bc"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
24202
about-hme.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
600 KB
601 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/about-hme.png?w=800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
54c39c1a17f39b0eed0e03acb6305dfde2f669b39ab422072838b5372a8a5e4e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:21 GMT
x-rq
hhn1 109 142 443
last-modified
Fri, 17 May 2024 11:07:00 GMT
server
nginx
etag
"dff9557bc72d51b7"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
614384
about-2.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
28 KB
0
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/about-2.png?w=1600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b8ac4d55b0009f19bbdf889c3dfc817089cbb12943b57044e6c0fd560a697834

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
width
166
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:18 GMT
x-rq
hhn1 109 202 443
last-modified
Fri, 17 May 2024 11:06:56 GMT
server
nginx
etag
"2ef48f29cd47f51f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
28748
FINAL-LOGO-exude-love-white.png
rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/
60 KB
60 KB
Image
General
Full URL
https://rainbowvomit.com/wp-content/uploads/sites/3771/2023/06/FINAL-LOGO-exude-love-white.png?w=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffd::c000:4220 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3aa4559479c031db4a5e7a40dddba429123306c54e0293e367aebd95723504c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://rainbowvomit.com/
dpr
1
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:22 GMT
x-rq
hhn1 109 36 443
last-modified
Thu, 16 May 2024 05:49:45 GMT
server
nginx
etag
"6cce034cd56b872d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
61206
/
api-js.mixpanel.com/track/
25 B
96 B
XHR
General
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1716317662539
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 21 May 2024 18:54:23 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://rainbowvomit.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
71
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear
/
api-js.mixpanel.com/engage/
25 B
371 B
XHR
General
Full URL
https://api-js.mixpanel.com/engage/?verbose=1&ip=1&_=1716317662540
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Tue, 21 May 2024 18:54:23 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://rainbowvomit.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
47
access-control-allow-headers
X-Requested-With
content-length
25
alt-svc
clear
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2CHJ9R6QSF&gtm=45je45f0h1v889860019za200&_p=1716317657457&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1468160851.1716317658&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1716317657&sct=1&seg=0&dl=https%3A%2F%2Frainbowvomit.com%2F&dt=Rainbow%20Vomit%20%7C%20Immersive%20Art%20Experience%20Dallas%2C%20TX&en=scroll&ep.dimension1=fareharbor-sites&epn.percent_scrolled=90&_et=5&tfd=6136
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2CHJ9R6QSF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 21 May 2024 18:54:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rainbowvomit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CFFR6Z737C&gtm=45je45f0v9172196897za200&_p=1716317657457&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1468160851.1716317658&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1716317657&sct=1&seg=0&dl=https%3A%2F%2Frainbowvomit.com%2F&dt=Rainbow%20Vomit%20%7C%20Immersive%20Art%20Experience%20Dallas%2C%20TX&en=scroll&epn.percent_scrolled=90&_et=15&tfd=6186
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CFFR6Z737C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 21 May 2024 18:54:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rainbowvomit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
notification-sound.mp3
d3cnqzq0ivprch.cloudfront.net/prod/media/
24 KB
25 KB
XHR
General
Full URL
https://d3cnqzq0ivprch.cloudfront.net/prod/media/notification-sound.mp3
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWJjYTQ0ZWY3MA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.35 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
080e668f4d6abe04b61ba984af0430b89b03d0043738a97703de0f57c5e3fb55

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rainbowvomit.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 18:54:25 GMT
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
24693
last-modified
Mon, 12 Jun 2023 23:14:52 GMT
server
AmazonS3
etag
"d7241ff2f74b80d2073d78efe6f1326b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
audio/mp3
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
IJb0LUyAd2vqcrkEgv9v6IvBGalYljsyGCAnPP1hq7QVUFLHAgbNZg==


62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| gtag object| dataLayer object| uuid function| isValidUuid object| mixpanel string| mixpanelId object| google_tag_manager object| google_tag_data object| SIGNAL_TYPE string| GoogleAnalyticsObject function| ga object| gaGlobal function| onYouTubeIframeAPIReady object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks string| ajaxurl object| gaplugins object| gaData object| FH function| $ function| jQuery object| fh object| lazySizes function| LazyImage object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter number| wid number| update number| soundOff object| envObj number| emailRequired number| defaultCountryCode number| mobileRequired string| apikey number| widgetApiVersion number| bNum boolean| isMicroSite boolean| frmMicrosite boolean| isWidgetAlignLeft boolean| activationStatus boolean| source object| bizDataResp string| locale object| be_webchat

13 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: _ttp
Value: 2gmzhGGHgyshAVmM0lKlG8clxj6
.rainbowvomit.com/ Name: _ga_2CHJ9R6QSF
Value: GS1.1.1716317657.1.0.1716317657.0.0.0
.rainbowvomit.com/ Name: _ga_CFFR6Z737C
Value: GS1.1.1716317657.1.0.1716317657.0.0.0
.rainbowvomit.com/ Name: _ga
Value: GA1.2.1468160851.1716317658
.rainbowvomit.com/ Name: _gid
Value: GA1.2.2097941049.1716317658
.rainbowvomit.com/ Name: _gat_gtag_UA_72993211_1
Value: 1
.rainbowvomit.com/ Name: _fbp
Value: fb.1.1716317657936.1629336076
.rainbowvomit.com/ Name: mp_ec17ab267df6688013d497b75ddd3308_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18f9c8119c43b8-0c60016df5e535-26001d51-1d4c00-18f9c8119c43b8%22%2C%22%24device_id%22%3A%20%2218f9c8119c43b8-0c60016df5e535-26001d51-1d4c00-18f9c8119c43b8%22%2C%22Theme%22%3A%20%22fareharbor-sites%22%2C%22Shortname%22%3A%20%22rainbowvomit%22%2C%22Company%20Name%22%3A%20%22Rainbow%20Vomit%22%2C%22FareHarbor%20Site%22%3A%20true%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22__alias%22%3A%20%22%5C%22dc60c6bf-32c3-43ee-b041-8a8a3ccbf2a7%5C%22%22%2C%22%24user_id%22%3A%20%22%5C%22dc60c6bf-32c3-43ee-b041-8a8a3ccbf2a7%5C%22%22%7D
.youtube.com/ Name: YSC
Value: xJXq_u3rW18
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: qAHG6coMSaU
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgZw%3D%3D
birdeye.com/ Name: AWSALBCORS
Value: tkCxjp+OAd98CANe+y2y42zeUR7FO/IGv0Bl/V+oFSpcP76m7iqW8fmRf/y4ZncZCZO/n2NwI35utBUdzvuDDCcSute1XjsBKqxjsPloIs5fIFzpw77DLsUiT+Dw
webchat.birdeye.com/ Name: AWSALBCORS
Value: AYbcacaIl4TjHy/k5VYMc2Sx5FFuVQm+TiTySvzHKI899/gqmQ5yxwUbxsbXFiNixR8dkxuq/d+xX/0tdHAQTrY6F7toTmqK4WmU3XdIDsDCaJBhJ74W3wXIVUyB

24 Console Messages

Source Level URL
Text
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/601831030245337?v=2.9.156&r=stable&domain=rainbowvomit.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 117)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.youtube.com/s/player/018e9916/www-widgetapi.vflset/www-widgetapi.js(Line 265)
Message:
Unrecognized feature: 'web-share'.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rainbowvomit.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://reviews.bizinga.com/embed/v6/197093/1/770641554/ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d(Line 41)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://reviews.bizinga.com/embed/v6/197093/1/770641554/ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d(Line 50)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://reviews.bizinga.com/embed/v6/197093/1/770641554/ee7108fdb0aeaf6fab3b55ee6999c47e4be102640f0cee8d(Line 51)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

"Indicators" is the security industry's term for observables such as IPs, domains and hashes. Listing them does not imply that any of them indicates malicious activity.
